Login or Register to Ask a Question and Join Our Community

Sponsored Content
Full Discussion: Packages that monitor OS configs and service/ports?
Operating Systems Linux Packages that monitor OS configs and service/ports? Post 302770788 by JCDinPGH on Monday 18th of February 2013 11:02:43 AM
Old 02-18-2013
Packages that monitor OS configs and service/ports?
I have several Redhat servers and workstations that I need to be able to monitor for any changes and be notified of any changes to the OS. The features I need to specifically monitor are:
ports - opening of new ports that are not already in a whitelist
services - any starting or attempts to start a service that is not in a whitelist.
users - any addition of new users or attempts to create a new user
system changes - any major change done to the OS in general.

Basically I need to be able to monitor the RHEL5 servers and workstations for any attempts to change their configs.

Does anyone know of a software package which does this kind of thing? I've found
several that do metrics but not any that are more specific to security monitoring.
Thanks for any ideas anyone can provide.
 

5 More Discussions You Might Find Interesting

1. UNIX for Dummies Questions & Answers

Define different ports for one Service

Hi all, Is it possible to define different ports for one services. For examplehave I've a SMPP service on port 6000, and I want add port 6001, and 6002, and 6003, for the SMPP service. If it's possible? how can we proceed? is it just by modifiying the /etc/services file? Thanks for your... (3 Replies)
Discussion started by: Jeremy3
3 Replies

2. HP-UX

Monitor Service Status

Hey guys how do you determined the status of a certain service if its running or not aside from using ps. (0 Replies)
Discussion started by: sbn
0 Replies

3. Solaris

how to monitor ports

I run into this issue occasionally and just looking for suggestions on how others solved it. I would like to monitor ports on a large number of systems and would like to determine which systems are listening on specific ports. I know there are heavy-weight apps that provide this such as HP ovo... (6 Replies)
Discussion started by: mhm4
6 Replies

4. Shell Programming and Scripting

Script to Monitor List of Ports

Hi, I'm in need of a script that can monitor a list of 12 ports.. If one of the ports isn't in listening mode then email me.. The list of ports are 26401 - 26412.. (6 Replies)
Discussion started by: eclipseagent
6 Replies

5. Infrastructure Monitoring

Searching for Saas Monitor service which monitor my servers which are sitting in different providers

Sorry if this is the wrong forum Searching for Saas Monitor service which monitor my servers which are sitting in different providers . This monitor tool will take as less CPU as possible , and will send info about the server to main Dashboard. The info I need is CPU / RAM / my servers status (... (1 Reply)
Discussion started by: umen
1 Replies

LEARN ABOUT SUNOS

pmadm

pmadm(1M)																 pmadm(1M)

NAME

       pmadm - port monitor administration

SYNOPSIS

       pmadm -a [-p pmtag | -t type]  -s svctag -i id -m pmspecific -v ver [ -f xu] [-y comment] [-z  script]

       pmadm -r -p pmtag -s svctag

       pmadm -e -p pmtag -s svctag

       pmadm -d -p pmtag -s svctag

       pmadm -l [-t type | -p pmtag]  [-s svctag]

       pmadm -L [-t type | -p pmtag]  [-s svctag]

       pmadm -g -p pmtag -s svctag [-z script]

       pmadm -g -s svctag -t type -z script

       pmadm  is  the  administrative command for the lower level of the Service Access Facility hierarchy, that is, for service administration. A
       port may have only one service associated with it although the same service may be available through  more  than  one  port.  In  order	to
       uniquely  identify  an instance of a service, the pmadm command must identify both the port monitor or port monitors through which the ser-
       vice is available (-p or -t) and the service (-s). See .

       pmadm performs the following functions:

	 o  adds or removes a service

	 o  enables or disables a service

	 o  installs or replaces a per-service configuration script

	 o  prints requested service information

       Any user on the system may invoke pmadm to request service status (-l or -L) or to print per-service configuration scripts (-g without  the
       -z option). pmadm with other options may be executed only by a privileged user.

       The following options are supported:

       -a	       Add a service. pmadm adds an entry for the new service to the port monitor's administrative file. Because of the complexity
		       of the options and arguments that follow the -a option, it may be convenient to use a command script or the menu system	to
		       add services.

       -d	       Disable	a  service. Add x to the flag field in the entry for the service svctag in the port monitor's administrative file.
		       This is the entry used by port monitor pmtag.  See the -f option, below, for a description of the flags available.

       -e	       Enable a service. Remove x from the flag field in the entry for the service svctag in the port monitor administrative file.
		       This is the entry used by port monitor pmtag.  See the -f option, below, for a description of the flags available.

       -f xu	       The  -f	option specifies one or both of the following two flags which are then included in the flag field of the entry for
		       the new service in the port monitor's administrative file. If the -f option is not included,  no  flags	are  set  and  the
		       default conditions prevail. By default, a new service is enabled and no utmpx entry is created for it. An -f option without
		       a following argument is illegal.

		       x	Do not enable the service svctag available through port monitor pmtag.

		       u	Create a utmpx entry for service svctag available through port monitor pmtag.

       -g	       Print, install, or replace a per-service configuration script. The -g option with a -p option and a -s  option  prints  the
		       per-service configuration script for service svctag available through port monitor pmtag. The -g option with a -p option, a
		       -s option, and a -z option installs the per-service configuration script contained in the file script  as  the  per-service
		       configuration script for service svctag available through port monitor pmtag. The -g option with a - s option, a -t option,
		       and a -z option installs the file script as the per-service configuration script for service svctag available  through  any
		       port monitor of type type. Other combinations of options with -g are invalid.

       -i id	       id is the identity that is to be assigned to service svctag when it is started. id must be an entry in /etc/passwd.

       -l	       The  -l	option requests service information. Used by itself and with the options described below, it provides a filter for
		       extracting information in several different groupings.

		       -l		       By itself, the -l option lists all services on the system.

		       -l -p pmtag	       Lists all services available through port monitor pmtag.

		       -l -s svctag	       Lists all services with tag svctag.

		       -l -p pmtag-ssvctag     Lists service svctag.

		       -l -t type	       Lists all services available through port monitors of type type.

		       -l -t type-ssvctag      Lists all services with tag svctag available through a port monitor of type type.

		       Other combinations of options with -l are invalid.

       -L	       The -L option is identical to the -l option except that output is printed in a condensed format.

       -m pmspecific   pmspecific is the port monitor-specific portion of the port monitor administrative file entry for the service.

       -p pmtag        Specifies the tag associated with the port monitor through which a service (specified as -s svctag) is available.

       -r	       Remove a service. When pmadm removes a service, the entry for the service is removed from the port monitor's administrative
		       file.

       -s svctag       Specifies  the  service tag associated with a given service. The service tag is assigned by the system administrator and is
		       part of the entry for the service in the port monitor's administrative file.

       -t type	       Specifies the port monitor type.

       -v ver	       Specifies the version number of the port monitor administrative file. The version number may be given as

		       -v 'pmspec -V`

		       where pmspec is the special administrative command for port monitor pmtag. This special command is ttyadm  for  ttymon  and
		       nlsadmin  for  listen. The version stamp of the port monitor is known by the command and is returned when pmspec is invoked
		       with a -V option.

       -y comment      Associate comment with the service entry in the port monitor administrative file.

       -z script       Used with the -g option to specify the name of the file that contains the per-service  configuration  script.  Modifying  a
		       configuration  script  is  a three-step procedure. First a copy of the existing script is made (-g alone). Then the copy is
		       edited. Finally, the copy is put in place over the existing script (-g with -z).

       Options that request information write the requested information to the standard output. A request for  information  using  the	-l  option
       prints  column headers and aligns the information under the appropriate headings. In this format, a missing field is indicated by a hyphen.
       A request for information in the condensed format using the -L option prints the information in colon-separated fields; missing fields  are
       indicated by two successive colons. # is the comment character.

       Example 1: Adding a Service to a Port Monitor with the Tag pmtag

       The  following  command	adds  a  service  to a port monitor with tag pmtag and gives the service the tag svctag. The port monitor-specific
       information is generated by specpm. The service defined by svctag will be invoked with identity root.

       pmadm -a -p pmtag -s svctag -i root -m `specpm -a arg1 -b arg2`-v `specpm -V`

       Example 2: Adding a Service with Service Tab svctag

       The following command adds a service with service tag svctag, identity guest, and port monitor-specific information generated by specpm	to
       all port monitors of type type:

       pmadm -a -s svctag -i guest -t type -m `specpm -a arg1 -b arg2`-v `specpm -V`

       Example 3: Removing a Service

       The following command removes the service svctag from port monitor pmtag:

       pmadm -r -p pmtag -s svctag

       Example 4: Enabling a Service

       The following command enables the service svctag available through port monitor pmtag:

       pmadm -e -p pmtag -s svctag

       Example 5: Disabling a Service

       The following command disables the service svctag available through port monitor pmtag:

       pmadm -d -p pmtag -s svctag

       Example 6: Listing Status Information

       The following command lists status information for all services:

       pmadm -l

       Example 7: Listing Status Information

       The following command lists status information for all services available through the port monitor with tag ports:

       pmadm -l -p ports

       Example 8: Listing Status Information in Condensed Format

       The following command lists the status information for all services available through the port monitor with tag ports in condensed format:

       pmadm -L -p ports

       Example 9: Listing Status Information for All Services

       List status information for all services available through port monitors of type listen:

       pmadm -l -t listen

       Example 10: Printing the per-service Configuration

       The following command prints the per-service configuration script associated with the service svctag available through port monitor pmtag:

       pmadm -g -p pmtag -s svctag

       The following exit values are returned:

       0	Successful operation.

       >0	Operation failed.

       /etc/saf/pmtag/_config

       /etc/saf/pmtag/svctag

       /var/saf/pmtag/*

       See attributes(5) for descriptions of the following attributes:

       +-----------------------------+-----------------------------+
       |      ATTRIBUTE TYPE	     |	    ATTRIBUTE VALUE	   |
       +-----------------------------+-----------------------------+
       |Availability		     |SUNWcsu			   |
       +-----------------------------+-----------------------------+

       sac(1M), sacadm(1M), doconfig(3NSL), attributes(5)

								    10 Nov 1998 							 pmadm(1M)
All times are GMT -4. The time now is 01:13 PM.
Unix & Linux Forums Content Copyright 1993-2022. All Rights Reserved.
Privacy Policy