October 15th, 2008 by Gabriel

MRTG :-

MRTG (Multi Router Traffic Grapher) is a simple tool to administer the network traffic with IIS.
It queries SNMP counters and generate HTML pages with current network graphs for incoming and outgoing bytes. You can get detailed explanation of your traffic with MRTG.
MRTG is one of the intrusion detection tool it gives you the big picture of your network traffic in diffeent views like week, month, or year.

MRTG plays a very important role in case of hacking and attacking of server.  It helps to track down the exact cause and source of attack by allowing to monitor network traffic, number of packets, connections to server, protocol error messages, number of connected users, requests, CPU/RAM/disk usage, processes that are currently in execution state in memory etc.

MRTG installation on Windows server :-

Before we proceed to install MRTG we have to install SNMP with following steps

Go to Control Panel >> Add or Remove Programs >> Add/Remove Windows Components >> select Management and Monitoring Tools >> click on Details button >> enable the check box for “Simple Network Management Protocol” >> Click on OK then click on Next to proceed with installation.

Here you have installed SNMP for your server

MRTG is a Perl script hence you will need to download and install ActivePerl. You can refer following link to download and more information on Activeperl-
http://www.activestate.com/Products/ActivePerl/

Now downlaod the latest version of MRTG at - http://tobi.oetiker.ch/  OR  http://winadmin.co.uk/MRTG_files.zip

Extract the files into C:\Program Files\MRTG

Now we either create a web site for MRTG or create a virtual directory under any exisiting web site.
Set the MRTG site to not run scripts or executables and provide only Read access.
Move all the configuration files in to C:\Program Files\MRTG\Bin directory.
To test the configuration execute following command at mentioned location on command prompt -

C:\ProgramFiles\MRTG>perl mrtg mrtg.cfg

after SUCCESSFULL execution of above command you should now have some more files created in your MRTG web directory.

Now browse the web site/virtual directory you have created to get the MRTG output

October 12th, 2008 by Gabriel

Some basic security policies that a Web Administrator should have to consider are -

1. who/which user is allowed to use the system
2. when the user is allowed to use it
3. which user granted which level of access
4. procedures for granting access to the system
5. remote and local access methods
6. system monitoring
7. suspected security breaches

If you don’t have a clear picture of what is permitted, you can never be sure when a violation has occurred.

General security precautions to take -

1. Limit the number of login accounts available on the machine and delete inactive users.
2. The Crack programs help to detect poorly chosen passwords hence force the people to use strong             passwords who have login privileges.
3. Unused services should be turned off. For e.g. if FTP is no longer needed then it should be stopped.
4. Check system regularly for suspicious activity.
5. Make sure that permissions are set correctly on system files.