http://willbradley.disqus.com/enTue, 24 Jan 2012 16:42:37 -0000http://willbradley.name/2011/02/concrete5-unable-to-send-mail-error-patch/#comment-419926816Thanks and be Blessed.1plmTue, 24 Jan 2012 16:42:37 -0000http://willbradley.name/contact-2/#comment-397685196I want that nagios board. I WANT IT. I live in Phoenix and can pick it up at your convenience.dmgFri, 30 Dec 2011 21:31:48 -0000http://willbradley.name/2011/07/tennis-for-two-vintage-videogames/#comment-384776639coolDavidMon, 12 Dec 2011 09:48:37 -0000http://willbradley.name/2010/10/test-driven-it/#comment-89951477Indeed, I'd like to find something closer to the holy grail as well. For web developers obviously scripting is a good choice, but for pure system/network people I think tools like IPMonitor do a great job of testing things like the contents of an HTML page or the size of a file. Only problem with IPMonitor is that it costs a fair bit of money.willbradleyMon, 25 Oct 2010 15:12:49 -0000http://willbradley.name/2010/10/test-driven-it/#comment-89887073That's in some ways the holy grail of monitoring software. An IT shop that has their monitors setup in such a way that whenever a change occurs the tests pass or fail is a happy IT shop. Too often though people setup monitors that ping or maybe check to see that a particular port is listening and leave it at that. Good monitors need to poll your systems the same way your customers do. A few packages I've run into over the years that can do that include MS SCOM, HP Sitescope (formerly had a free version but not since bought by HP), Zabbix (currently free, but a pain to setup IMHO), WhatsUpGold, plus many others. The key seems to be finding a system that doesn't rely too heavily on ping and SNMP. SNMP is great but cryptic as hell if you have to write your own mibs. <br><br>Another method I've resorted to in the past is to write your own tests. In windows, WMI can be your best friend. AutoIt automation macros can be used to test legacy GUIs that can only be tested in the GUI or with low level Win32 calls, and .NET has a ton of automation tools that can be used to script just about any test imaginable. Just write your test in .NET or shell scripts in Linux and have it output to html with a simple code like 0 or OK and something meaningful for error conditions . Then check the outputs with a free web scraper monitoring system like Zabbix.HarryMon, 25 Oct 2010 12:45:37 -0000http://s1484.at1.pressdns.com/2010/07/security-for-developers/#comment-64334594What do you think about fail2ban? Our legacy managed hosts think that will stop portscanning and DDoS attacks.Ryan GaspariniMon, 26 Jul 2010 16:43:41 -0000http://s1484.at1.pressdns.com/2010/07/security-for-developers/#comment-63780255Thanks Ryan! bcrypt is definitely useful for storing database dumps securely. Blowfish is a symmetric cipher, which means that the original data can be recovered. For passwords, however, you will want an asymmetric hash like SHA2-- the original password can't be recovered, only compared.<br><br>Changing SSH to a port other than 22, and disabling root logins via SSH, is good advice, but don't let that lull you into relaxing your security. Basically it just weeds out portscanning bots-- anyone who's run a blog knows that bots are 90% of the problem but the remaining 10% is still a big concern when you're talking about a dozen attempts per second.willbradleyThu, 22 Jul 2010 16:52:20 -0000http://s1484.at1.pressdns.com/2010/07/security-for-developers/#comment-63773654+ bcrypt or bust<br>+ change port defaults to custom valueRyan GaspariniThu, 22 Jul 2010 16:16:35 -0000