Want to read Slashdot from your mobile device? Point it at m.slashdot.org and keep reading!

 


Forgot your password?
Close
typodupeerror
×
Businesses Security Hardware

Build Your Own NOC 267

Posted by timothy from the role-playing-game dept.
Geminus writes "Ever wanted to build a cheap NOC but had difficulty explaining tech stuff to bean counting managers? Here's the basics on building one for under two grand. Makes for a pretty good dog-n-pony show, and proves useful too! Damn, I want to be an Armchair Network Operations Center General."
This discussion has been archived. No new comments can be posted.

Build Your Own NOC More

Build Your Own NOC

Comments Filter:

  • Nightmares. (Score:3, Insightful)

    by DAldredge ( 2353 ) <SlashdotEmail@GMail.Com> on Monday December 15, 2003 @02:57AM (#7722784) Journal
    This will cause me to have nightmares. I hope they are joking.

  • Oh brother. (Score:0, Insightful)

    by Anonymous Coward on Monday December 15, 2003 @03:10AM (#7722845)
    I was intrigued by the title of this story and I read the article but it's a complete piece of fluff that is devoid of a point. Why would anyone build a NOC if they have N to monitor? The article suggests having a TV tuned into CNN. Is this a joke?

    How do stories like this get through? (This isn't a rhetorical question. I'm sincerely curious.)

  • Re:The article. (Score:5, Insightful)

    by KrispyKringle ( 672903 ) on Monday December 15, 2003 @03:19AM (#7722873)
    Probably right. I've wondered about this before, when seeing these statements. But at least you don't have to worry about leaking information or being used as an intermediate host in an attack. Worst case is essentially a DOS. On the other hand, were this a logging host, you could concievably infect it as you mentioned, download to it a simple program (you'd have to hope you download it right, since there won't be any way to do TCP style checksumming, I suppose) and have it grep through the logs to remove entries with your IP address or whatever, all automatically. No? But that'd be a bitch of an exploit, if you could pull it all off all one way.

  • Re:coulda used this two years ago... (Score:4, Insightful)

    by Anonymous Coward on Monday December 15, 2003 @03:36AM (#7722931)
    This article was barely a page in length and revealed nothing concrete. This is meant as more of a joke than anything else, I assume. I hope you were joking as well... because that is pathetic if you'd need this article to learn how to build a NOC.

  • My NOC is my PowerBook. (Score:3, Insightful)

    by Mordant ( 138460 ) on Monday December 15, 2003 @03:38AM (#7722940)
    With very few exceptions (military, financial, public utilities sectors), it's pretty passe to have a 24/7/365 manned NOC, anymore, given VPN technology, the quality of remote-administration tools, etc.

    It just isn't necessary, anymore.

  • Re:Just one minor change... (Score:3, Insightful)

    by DAldredge ( 2353 ) <SlashdotEmail@GMail.Com> on Monday December 15, 2003 @03:40AM (#7722944) Journal
    Fox News Alert.
    Perterson Case
    Fox News Alert
    Jackson Case
    Fox News Alert
    Toby Case
    Fox News Alert
    More Mindless crap.

    And this is coming from someone who in the past bought dish network so I could watch fox news. But that is before it turned into all trash, all the time.

  • Re:The article. (Score:2, Insightful)

    by psyki ( 653079 ) on Monday December 15, 2003 @03:45AM (#7722959) Homepage
    With a "receive only sniffer", even if the machine gets infected it will have "zero chance" to infect other machines. Eric

  • Re:My NOC is my PowerBook. (Score:4, Insightful)

    by KrispyKringle ( 672903 ) on Monday December 15, 2003 @03:50AM (#7722970)
    Many large networks with critical infrastructure like to have something that's manned most of the time, though 24/7/265 gets pricey. The reason's pretty obvious. If at 3 AM your network goes down, you don't really want all your customers to be up the creek 'till 9 on Monday.

    If you're talking about corporate networks, you're probably right. But if you're talking about hosting companies, ISPs, companies that host their own critical infrastructure (like those you listed above), then the NOC, in some form or another, makes sense, doesn't it?

  • Re:For a real opensource NOC (Score:5, Insightful)

    by Anonymous Coward on Monday December 15, 2003 @04:23AM (#7723053)
    Unfortunately, as someone who has had to support real NOCs for real networks on a tight budget, I can state without reservation that the open source tools you mention (MRTG/RRD, OpenNMS) are mediocre to the point of unusability.

    Some people might find this puzzling, but the best NOC systems I've used on tight budgets were homegrown applications, usually after trying out and discovering the deficiencies of the open source tools. It isn't that hard to write a good NMS, but once someone rolls their own good one in-house, it rarely gets released into the wild. For that matter, many of the commercial packages are steaming piles, so if you have a talented programmer or two on staff, you can add value to your company by just writing your own NMS and not waste time with mediocre packages.

    This is one of those things that SOMEONE could do well in the open source domain, but I haven't seen it. When someone hacks together the foundation of a really slick NMS at some company that needs it, it inevitably becomes a competitive asset and therefore cloistered in the bowels of engineering. Having a killer NMS is a significant competitive advantage, and the field is populated with enough mediocre solutions right now that there is significant financial pressure to keep NMS code bases proprietary.

  • Re:WTF? (Score:2, Insightful)

    by thempstead ( 30898 ) on Monday December 15, 2003 @04:34AM (#7723074)
    Well its an amazing distribution ... seing as SuSE went from 8.2 to 9.0 .... there is no SuSE 8.3!

    t

  • please say no to unexplained acronyms (Score:5, Insightful)

    by altaic ( 559466 ) on Monday December 15, 2003 @04:45AM (#7723094)
    It would really be better if stories like this were not chosen for the front page. Whenever a story is posted with unexplained acronyms, tons more people click the links to see wtf it's talking about. More people who don't care about the actual (obscured) topic needlessly eat up the bandwidth, and the links are slashdotted much sooner. I know this is off-topic, however it does pertain to this story...

  • You're Kidding, Right? (Score:1, Insightful)

    by Anonymous Coward on Monday December 15, 2003 @04:49AM (#7723104)
    I count *three* Lisas. One Commodore PET (God I hated those.) One possible Apple IIish. One possible TVI term. Much other disconnected-looking monitors, printers, crap.

    Data center pictures are supposed to inspire confidence, not fear...I don't want to know how much hosting the PET is responsible for..

  • You can probably get it under a grand (Score:2, Insightful)

    by CrypticSpawn ( 719164 ) * on Monday December 15, 2003 @06:38AM (#7723421)
    Office space around here goes for around 200 (well, your location it might be different) a month, and bandwidth these days is pretty cheap. So after everything is said and done, you are looking at spending around 1-2k a month. If you aren't going to use alot of bandwidth, hell it could be less than a grand a month.

  • Re:Vulnerability of receive-only (Score:4, Insightful)

    by Lumpy ( 12016 ) on Monday December 15, 2003 @09:23AM (#7723935) Homepage
    first of all you have to FIND it. It's not going to be admitting that it even exists on the network. so you either needto make a bunch of wild ass guesses, have inside information, or start systematically attacking all the non-sctive IP addresses in the subnet.

    all of which will set off lots of NOC alarms before you even get to the machine.

  • This article is great... (Score:4, Insightful)

    by ApheX ( 6133 ) on Monday December 15, 2003 @10:24AM (#7724249) Homepage Journal
    Unless you suffer from a power outage. Then your 'NOC' is down, your servers down. Everything is useles and out of your control.

    Author should mention either hopping on eBay and getting a used rackmount UPS or building a battery backup yourself using car batteries. As crude as it sounds if you have the space (a seperate room) you can build a huge battery back up system for (relatively) next to nothing and be able to simply add more batteries for longer uptime, etc.

  • Re:coulda used this two years ago... (Score:2, Insightful)

    by Red Weasel ( 166333 ) on Monday December 15, 2003 @10:28AM (#7724277) Homepage
    You could always do what the Pentagon did and just setup a huge dog and pony show for the masses.

    NOC story for funding.

    Awhile back the Commander of Cheyenne Mountain was taking a tour of the Pentagon NOC facilities. At one point of the tour the guide showed off a large board of lights all pretty with labels, flashing and so forth. (picture the bat computer and you'll have a pretty good Idea)

    Anyway the CO was so impressed by this that when he got back to Colorado he informed the network folk of this great way to monitor network trafic and for us to get one too.

    After a bit of research into this we couldn't find out how this could possibly be useful. A wall of blinking lights? WTF?

    We finally got the go ahead to visit the Pentagon ourselves and went on the same tour as the CO. When the tour was over and we finally got a chance to talk to the NOC folk on our own we found out finally how to make our own "NETWORK TRAFIC SECURE DISPLAY".

    Hook up a bunch of lights to a randomizer and put labels on it. That's it.

    Needless to say we never did make this bitch but if you ever need to impress a PHB go for it.

Slashdot Top Deals

Living on Earth may be expensive, but it includes an annual free trip around the Sun.

Close