Network security monitoring with Icinga

by Ralf C. Staudemeyer

An increasing number of network and system administrators use Icinga (or Nagios or Shinken) to cover their monitoring needs. These systems are highly customisable, with various add-ons and plugins proven over years of use.

In this talk we will share a selection of plugins and ideas for monitoring security-relevant activity and events with Icinga. This includes reminders of outstanding maintenance operations, detection of anomalous activity, monitoring (and control) of running brute-force attacks, and, most certainly, the security of web, DNS, email and DHCP services in general.

Given an existing Icinga monitoring system (like the one we documented in our 'Nagios/Icinga Kochbuch', recently published by O'Reilly) and no resources to set up a proper security monitoring solution (as is unfortunately the case under normal circumstances), why not at least improve network security by adding a few more plugins?

Following the presentation there will be a discussion in which we will encourage interested individuals to propose (or even contribute) security-relevant checks that are missing. The most interesting contributions might get implemented, documented and published. Resulting plugins will be made freely available.

About the author Ralf C. Staudemeyer:

Ralf C. Staudemeyer (b. 1973) has a doctorate in computer science and more than 15 years of international experience in research, teaching and application. His areas of expertise include planning, administration, protection and monitoring of modern networks. Currently, he is a globetrotter, scientist and author.