Faculty of Information Technology and Quantitative Science
MARA University of Technology

NETWORK MANAGEMENT AND REMOTE MONITORING VIA SMS APPLICATION

Prepared by: ROZITA MD. ALI 2004219886
Supervised by: ENCIK KAMARUL ARIFFIN ABD. BASIT

Thesis submitted in partial fulfillment of the requirements for the BACHELOR OF SCIENCE (Hons) in DATA COMMUNICATION AND NETWORKING (CS 225)
This project is submitted to the Faculty of Information Technology and Quantitative Science, MARA University of Technology, in partial fulfillment of the requirements for the BACHELOR OF SCIENCE (Hons) in DATA COMMUNICATION AND NETWORKING.

Approved by the examining committee:

ENCIK KAMARUL ARIFFIN ABD. BASIT
Project supervisor

PUAN SITI ARPAH AHMAD
Project examiner
CERTIFICATE OF ORIGINALITY

This is to certify that I am responsible for the work submitted in this project, that the original work is my own except as specified in the references and acknowledgement, and that the original work contained herein has not been taken or done by unspecified sources or persons.

ROZITA MD. ALI
2004219886
27 of April 2006
ACKNOWLEDGEMENT

All praises be to the Mighty Allah, the Merciful and the Beneficent, for the strength and blessing in the completion of this study.

I wish to express my deepest appreciation to my supervisor, Encik Kamarul Ariffin Abd. Basit, for his valuable guidance, encouragement and constructive criticism that I received during the preparation of this manuscript and for the smooth running of this project. I also wish to express my sincere appreciation to the lecturers of this subject, Professor Dr. Saadiah binti Yahaya and Encik Adzhar, for their teaching and guidance from the very beginning.

Especially to my beloved parents and all my friends, yana, mang, moq, kem: thanks a lot for the support and encouragement that you gave. And also to all lecturers in the Faculty of Information Technology and Quantitative Sciences, thanks for their dedication, efforts and support in sharing valuable knowledge.

Thank you all.
ABSTRACT

Nagios is an open source network monitoring tool. It is free, powerful and flexible. It can be tricky to learn and implement, but can reduce enormously the amount of time required to keep track of how your organization's IT infrastructure is performing. To understand the usefulness of Nagios, consider a typical IT infrastructure that one or more system administrators are responsible for. Even a small company may have a number of pieces of hardware with many services and software packages running on them. Larger companies may have hundreds or even thousands of items to keep up and running. Both small and large companies may have decentralized operations, implying a decentralized IT infrastructure, with no ability to physically see many of the machines at all.
Table of Contents

Chapter 1: Introduction
  1.1 Introduction
  1.2 Project Background
  1.3 Problem statements
  1.4 Project Objectives
  1.5 Project Scope
  1.6 Project Significant
  1.7 Conclusion

Chapter 2: Literature Review
  2.1 Introduction
  2.2 Nagios Management tool
    2.2.1 Introduction to Nagios
    2.2.2 System Requirements
    2.2.3 Features
    2.2.4 Nagios Architecture
  2.3 Definition of Pertinent Technical Terminologies
    2.3.1 Network Management
    2.3.2 The Functional Area of Network Management
    2.3.3 Network Management architecture
    2.3.4 Short Message System (SMS)
    2.3.5 Global System for Mobile Communications (GSM)
    2.3.6 PHP
    2.3.7 MYSQL
    2.3.8 Gammu
  2.4 Different Approaches to Solve Same Problem
    2.4.1 Email
    2.4.2 Pager
    2.4.3 WinPopup message
    2.4.4 Instant message
  2.5 Different Approaches to Solve Similar Problem
    2.5.1 OpenNMS Network Monitoring Tool
    2.5.2 ActiveXpert Network Monitoring Tool
    2.5.3 Big Brother Network Monitoring Tool
    2.5.4 Netdisco
  2.6 Other Related studies
    2.6.1 Devices and Problem Discovery in Network Monitoring
    2.6.2 Network Problem Notification via SMS
    2.6.3 Exam Result via SMS
    2.6.4 Computer Event Communication via Mobile SMS
    2.6.5 Network Administration: Remote Monitoring & Security Via Sms Application (Remote Manager)
    2.6.6 Alternative Network Management Tool to Make System Administrator Easier
  2.7 Conclusion

Chapter 3: Methodology
  3.1 Introduction
  3.2 Flow of The Methodology
    3.2.1 Preliminary investigation
    3.2.2 Designing Architecture
    3.2.3 Assembling Hardware and Software
    3.2.4 Platform site
      3.2.4.1 Installation and configuration
      3.2.4.2 Testing
      3.2.4.3 Implementation
      3.2.4.4 Integration
    3.2.5 Network monitoring site
      3.2.5.1 Install
      3.2.5.2 Configure
      3.2.5.3 Notification (SMS application)
      3.2.5.4 Testing
      3.2.5.5 Implement
  3.3 Conclusion

Chapter 4: Result and Finding
  4.1 Introduction
  4.2 Result and findings
    4.2.1 Monitoring Site
      4.2.1.1 Architecture for host check
      4.2.1.2 Architecture for services check
      4.2.1.3 Web interface
    4.2.2 Application Site
      4.2.2.1 SMS notifications
  4.3 Conclusions

Chapter 5: Conclusion and recommendation
  5.1 Introduction
  5.1 Conclusion
  5.2 Recommendation

References
Appendixes
LIST OF FIGURES

Figure 2.1  Nagios monitoring
Figure 2.2  Nagios architecture
Figure 2.3  A Typical Network Management Architecture Maintains Many Relationships
Figure 2.4  An SMS text messaging application connects to SMSCs through an SMS gateway.
Figure 3.1  Flow of methodology
Figure 3.2  Hardware and software architecture
Figure 3.3  Configuration Nagios
Figure 3.4  Open main configuration file
Figure 3.5  Configuration file
Figure 3.6  Edit configuration file
Figure 3.7  Resource configuration file
Figure 3.8  Open hosts configuration
Figure 3.9  Host configuration file
Figure 3.10  Open hostgroups configuration file
Figure 3.11  Hostgroups configuration file
Figure 3.12  Open contacts configuration file
Figure 3.13  Contact configuration file
Figure 3.14  Open contactgroups configuration file
Figure 3.15  Contactgroup configuration file
Figure 3.16  Open services configuration file
Figure 3.17  Services configuration file
Figure 3.18  Open checkcommands configuration file
Figure 3.19  Checkcommand configuration file
Figure 3.20  Open cgi configuration file
Figure 3.21  Cgi configuration file
Figure 3.22  Application architectures
Figure 3.23  Hardware connection
Figure 3.24  Remove back cover
Figure 3.25  Remove the battery
Figure 3.26  Hold the connector
Figure 3.27  Connect cable to communication port at PC
Figure 3.28  Communication port
Figure 3.29  Interface for gammu
Figure 3.30  Notify configuration
Figure 4.1  System flow
Figure 4.2  Architecture for host check
Figure 4.3  Architecture for services check
Figure 4.4  Main pages
Figure 4.5  Tactical overview interfaces
Figure 4.6  Service detail interface
Figure 4.7  Host group overview interface
Figure 4.8  Hostgroup Summary interface
Figure 4.9  Hostgroup grid
Figure 4.10  Status map interface
Figure 4.11  3D status map interface
Figure 4.12  Process info interface
Figure 4.13  Performance info interface
Figure 4.14  Scheduling queue interface
Figure 4.15  Notification
Figure 4.16  Date and time of notification
LIST OF ABBREVIATIONS

GUI  Graphical User Interfaces
SMS  Short Message Services
MRTG  Multi Router Traffic Grapher
TCP/IP  Transmission Control Protocol/Internet Protocol
RTD  Resistance Temperature Detector
SMTP  Simple Mail Transfer Protocol
POP3  Post Office Protocol version 3
HTTP  HyperText Transfer Protocol
NNTP  Network News Transfer Protocol
ITU  the International Telecommunications Union
OSI  Open Systems Interconnect
ISO  International Standards Organization
ACL  Access Lists
MIB  Management Information Base
ICMP  Internet Control Message Protocol
SNMP  Simple Network Management Protocol
GSM  Global System for Mobile Communications
GPRS  General Packet Radio Service
PHP  Hypertext Processor
CLI  Command Line Interface
DBMS SQL  Database Management System
GPL  General Public License
BSD  Berkeley Software Distribution
API  Application Programming Interface
WAP  Wireless Application Protocol
MMS  Multimedia Messaging Service
OBEX  OBject EXchange
LAN  Local Area Network
WAN  Wide Area Network
CDP  Cisco Discovery Protocol
CGI  Computer graphics interface
Chapter 1
INTRODUCTION

1.1 Introduction

This thesis studies how one network management tool, Nagios, functions in our network. Nagios is an open source network monitoring tool. It is free, powerful and flexible. It can be tricky to learn and implement, but it can enormously reduce the amount of time required to keep track of how your organization's IT infrastructure is performing.

1.2 Project Background

Network management means different things to different people. In some cases, it involves a solitary network consultant monitoring network activity with an outdated protocol analyzer. In other cases, network management involves a distributed database, auto polling of network devices, and high-end workstations generating real-time graphical views of network topology changes and traffic. In general, network management is a service that employs a variety of tools, applications, and devices to assist human network managers in monitoring and maintaining networks.

Computer systems are not infallible; critical networked systems have contingency plans with backup systems. Remote systems may be monitored using traditional network monitoring tools, but specific information about errors and failures can only be conveyed to the operator who is currently at the monitoring station. Many of these monitoring tools have detailed GUIs (Graphical User Interfaces), which tell the operator which node has failed and even give a network map of where the node is, but this only informs the person who is currently watching the monitoring software. There is a visible opening for improvement with certain types of network monitoring software. What would be useful is a method of notifying the appropriate people when the system fails rather than just producing static on-screen messages. If the system could notify the operator directly, instead of the operator having to wait for something to happen, then the system would be taking a more proactive role in the way it fails. However, a system that has just lost its power cannot communicate with anything to notify anyone, so what is needed is another device to monitor or manage the selected systems for any problems. Action can then be taken to notify service staff or possibly even take recovery action.

1.3 Problem Statements

Naturally, each piece of hardware will have a unique set of software products running on it. Faced with a multitude of hardware and software to monitor, administrators cannot pay attention to each specific item; the default posture in this kind of situation is to respond to service outages on a reactive basis. Worse, awareness of the problem usually comes only after an end-user complains. Beyond the obvious public relations problem, there are also inefficiencies inherent in reactive problem solving. Problems that might have only taken a few minutes to address if caught early can become much more time-consuming if addressed later. For example, a database that is running out of disk space for its logs might be easy to fix before the last byte of disk is consumed, but fixing the problem once the system is hung due to inability to write log records is much harder to do.

The performance of the computer network is a major concern for all network administrators. Keeping the network performance at its optimum level is a major challenge as the network within the organization keeps on expanding. To sustain a high level of user productivity, network managers have to ensure that there are no bottlenecks in the network. If a bottleneck does exist, it must be eliminated as soon as possible. Also, any changes from users are prohibited; this is to maintain the network reliability [m.masri, 2003].
Sometimes network administrators do not have enough time to monitor all of the devices in the network, so a network monitoring tool will help them ensure the network is always in a good state. The important thing, then, is that the notification about a network problem must be sent as soon as possible, because if the notification arrives too late a serious problem will occur in the network. In order to ensure that network management runs smoothly, network administrators must choose a network management tool of great quality and good performance to handle their network. Network management tools also help to identify problems or any changes made and report them to the administrator immediately [http://dsg.port.ac.uk/projects, 2000].

1.4 Project Objectives

Generally, this thesis is done for a few objectives. These are:

1. To modify related files in Nagios's Network Monitoring Tool so that it runs successfully in the network.
2. To extend the function of Nagios's Network Monitoring Tool so that it communicates successfully with an SMS application.
3. To propose an alternative open source network monitoring tool to network administrators.

1.5 Project Scope

This project will cover and explain how to test and implement an open source network monitoring tool. To fulfill this project we will use 3 hosts and monitor the services of each host. We also cover how the tool runs in our network and how it works. Besides that, we focus on how the notifications or alerts about problems that occur in the network are sent to the network administrator. The notification uses the Gammu tool as an SMS gateway, and for the devices we use a Nokia 3310 and an FBUS cable to connect to the PC. We also focus on the network administrator's side, to help them in doing their work.
1.6 Project Significant

This thesis has significant value in itself. It is done to help several parties, especially network administrators. This project will help network administrators respond quickly to any problem that occurs in the network through the SMS application used. In terms of mobility, the SMS application also gives a benefit, because a mobile phone is easy to carry anywhere, and SMS is also one of the cheap technologies available nowadays. The importance of solving the problem is to create a better management environment for the attached devices. Awareness of the devices is enhanced by the use of the network management system, in which the tool is set to report to the administrator when any problem exists, so that immediate action can be taken to diagnose problems before they cause network outages. This project is also valuable to administrators because they can save time by doing remote monitoring via the SMS application.

1.7 Conclusion

The network administrator is the person responsible for deciding how to control the network, so they should choose a tool with good quality and performance to monitor the network. In this way, problems in the network will be solved. However, before implementing a new tool in a network, an in-depth study of the network and the software must be done. The software must also be tested on the network to find out whether it is applicable for use.
Chapter 2
LITERATURE REVIEW

2.1 Introduction

Modern computer networks tend to be large heterogeneous collections of computers, switches, routers and a large assortment of other devices. To a large degree, the growth of such networks is ad hoc and based on the current and perceived future needs of the users. As networks get larger and faster, the job of monitoring and managing them gets more complex. However, the job of managing computer networks becomes increasingly important as society becomes more dependent on computers and the Internet for everyday business tasks. Network downtime now costs significant amounts of money [CPR, 2001], so it is important that network and system managers are aware of everything that is happening on the networks that they are responsible for. Fortunately, computers are fairly good at watching other computers, which means we can automate this task to some extent.

In their discussion on the basics of network management, [Cisco, 2002] point out that the term "network management" means different things to different people. They give two examples at opposite ends of the spectrum to illustrate this diversity: a solitary network consultant monitoring network activity, and high-end workstations generating graphical views of network topologies and traffic. Both of these examples employ some form of tool to gather, analyze and represent information about a computer network; therefore, in general, network management is a set of tools to aid people to monitor and maintain computer networks.
2.2 Nagios Management tool

2.2.1 Introduction to Nagios

Nagios calls itself an "open source host, service and network monitoring program". In reality, though, it's more of a monitoring framework, in that it allows an administrator to quickly fold the one-liners they use to gather information right into the configuration. Add to this the numerous plug-ins available, and you can easily integrate Nagios with monitoring tools you already use, like RTD tool or MRTG.

First, though, you need to get your head around the way Nagios approaches configuration in general, so we'll start there with a relatively simple configuration. To get anything useful out of Nagios, there are four things, at a minimum, that need to be configured. They are hosts, host groups, contacts, and services. I'm going to assume that, as administrators, you're as capable of reading the README and INSTALL files that come with Nagios as I am, so I'm not covering installation, and I'm also making the assumption that, once installed, the configuration directory is /etc/nagios. In this directory, there should be sample configuration files to give you an idea of how things work.

The logic behind configuring Nagios is very simple. You have hosts, on which presumably run services. Hosts providing the same services can be grouped together into host groups for easy summarization in the web front end. Likewise, your organization probably has contacts for the different services. If there's more than one contact for a particular service, you can put these contacts together under an alias or contact group. If a machine Nagios monitors goes down or loses a service it's been running, Nagios can be configured to notify the proper contact or group for that host or service [K.Jones, 2004].
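The links between hosts, host groups, contacts, contact groups and services described above can be checked mechanically. The following Python code is an added example, not part of the thesis or of Nagios itself: it parses a constructed set of object definitions and reports every reference to an object that is not defined, such as a service whose contact group does not exist and whose alerts would therefore reach nobody. The host names, addresses, pager number and the helper names parse_objects and dangling_references are assumptions made for the illustration.

```python
import re

# Constructed sample in Nagios object-definition syntax, trimmed to the
# directives that link objects together (a working setup needs more of them).
SAMPLE = """
define host{
    host_name   web1
    address     192.0.2.10
    }
define host{
    host_name   db1
    address     192.0.2.20
    }
define hostgroup{
    hostgroup_name  servers
    members         web1,db1,mail1
    }
define contact{
    contact_name    admin1
    pager           0000000000   ; constructed placeholder number
    }
define contactgroup{
    contactgroup_name   admins
    members             admin1
    }
define service{
    host_name            web1
    service_description  HTTP
    check_command        check_http
    contact_groups       admins,oncall
    }
"""

# Directives that point at another object:
# (object type, directive) -> (referenced type, directive holding its name)
REFERENCES = {
    ("hostgroup", "members"): ("host", "host_name"),
    ("contactgroup", "members"): ("contact", "contact_name"),
    ("service", "host_name"): ("host", "host_name"),
    ("service", "contact_groups"): ("contactgroup", "contactgroup_name"),
}

BLOCK = re.compile(r"define\s+(\w+)\s*\{(.*?)\}", re.S)


def parse_objects(text):
    """Return a list of (object_type, {directive: value}) tuples."""
    objects = []
    for obj_type, body in BLOCK.findall(text):
        fields = {}
        for raw in body.splitlines():
            line = raw.split(";", 1)[0].strip()   # ';' starts a comment
            if not line or line.startswith("#"):
                continue
            parts = line.split(None, 1)
            fields[parts[0]] = parts[1] if len(parts) > 1 else ""
        objects.append((obj_type, fields))
    return objects


def dangling_references(objects):
    """Return (object_type, directive, missing_name) for every broken link."""
    defined = {}
    for obj_type, fields in objects:
        for target_type, name_key in set(REFERENCES.values()):
            if obj_type == target_type and name_key in fields:
                defined.setdefault(obj_type, set()).add(fields[name_key])
    problems = []
    for obj_type, fields in objects:
        for (src_type, directive), (target_type, _) in REFERENCES.items():
            if obj_type != src_type or directive not in fields:
                continue
            for name in fields[directive].split(","):
                name = name.strip()
                if name and name not in defined.get(target_type, set()):
                    problems.append((obj_type, directive, name))
    return problems


if __name__ == "__main__":
    for problem in dangling_references(parse_objects(SAMPLE)):
        print("undefined reference: %s %s -> %s" % problem)
```
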
Below is the figure of Nagios network monitoring:

Figure 2.1: Nagios monitoring [www.iok.de, 2004]

2.2.2 System Requirements

1. Hardware
The only requirement for running Nagios is a machine running Linux (or a UNIX variant) and a C compiler. The machine should also have TCP/IP configured, as most service checks will be performed over the network.

2. Software
i. Nagios Core
ii. Nagios plugins
iii. A web server (Apache)
iv. Thomas Boutell's gd library
v. Zlib (libzlib, libzlib-devel)
vi. Png library (libpng, libpng-devel)
vii. Jpeg library (libjpeg, libjpeg-devel)
viii. Basic Icons
ix. Cortona (support for Internet Explorer 3D graphics)

2.2.3 Features

Nagios works by having a monitoring daemon run intermittent checks on hosts and services you specify, using external "plugins" which return status information to Nagios. When problems occur, Nagios alerts you via email, instant message or SMS. Current status information, historical logs, and reports can all be accessed via a web browser [johnson, 2003].

Some of the many features of Nagios include:

1. Monitoring of network services (SMTP, POP3, HTTP, NNTP, PING, etc.)
2. Monitoring of host resources (processor load, disk usage, etc.)
3. Simple plugin design that allows users to easily develop their own service checks
4. Parallelized service checks
5. Ability to define network host hierarchy using "parent" hosts, allowing detection of and distinction between hosts that are down and those that are unreachable
6. Contact notifications when service or host problems occur and get resolved (via email, pager, or user-defined method)
7. Ability to define event handlers to be run during service or host events for proactive problem resolution
8. Automatic log file rotation
9. Support for implementing redundant monitoring hosts
10. Optional web interface for viewing current network status, notification and problem history, log file, etc. [Galstad, 2002].
2.2.4 Nagios Architecture

The Nagios application runs on a central server, either Linux or Unix. Each piece of hardware that must be monitored runs a Nagios daemon that communicates with the central server. Depending on the instructions in the configuration files the central server reads, it will "reach out and touch" the remote daemon to instruct it to run a necessary check. While the application must run on Linux or Unix, the remote machines may be any piece of hardware that may be communicated with. Depending upon the response from the remote machine, Nagios will then respond with an appropriate action, again, according to its configuration.

Depending upon what remote test needs to be performed, Nagios will perform the test via a native machine capability (e.g., test to see if a file exists) or will run a custom test program (called a plugin) to test something more specific (e.g., check to see if a particular set of values has been placed into a database). If a check return value is not correct, Nagios will raise an alert via one or several methods. [www.techtarget.com, 2005]

Figure 2.2: Nagios architecture [www.mirrors.wiretapped.net, 2004]
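The plugin mechanism described above, as an added example that is not from the thesis or the Nagios distribution: a check written in Python that reports disk usage, the failure case used in section 1.3, through the return codes Nagios plugins use (0 OK, 1 WARNING, 2 CRITICAL, 3 UNKNOWN) and a single line of output. The function names, the default thresholds of 80 and 90 percent and the output wording are assumptions.

```python
import shutil
import sys

# Return codes a Nagios plugin uses to report state.
OK, WARNING, CRITICAL, UNKNOWN = 0, 1, 2, 3
LABELS = {OK: "OK", WARNING: "WARNING", CRITICAL: "CRITICAL", UNKNOWN: "UNKNOWN"}


def evaluate(used_pct, warn, crit):
    """Map a disk-usage percentage onto a plugin state."""
    if not 0 <= warn <= crit <= 100:
        return UNKNOWN          # misconfigured thresholds must not read as OK
    if used_pct >= crit:
        return CRITICAL
    if used_pct >= warn:
        return WARNING
    return OK


def check_disk(path, warn=80.0, crit=90.0):
    """Return (exit_code, output_line) for the filesystem that holds path."""
    try:
        usage = shutil.disk_usage(path)
    except OSError as exc:
        # A check that cannot run reports UNKNOWN rather than a false OK.
        return UNKNOWN, f"DISK UNKNOWN - cannot read {path}: {exc.strerror}"
    if usage.total == 0:
        return UNKNOWN, f"DISK UNKNOWN - {path} reports zero capacity"
    used_pct = 100.0 * usage.used / usage.total
    state = evaluate(used_pct, warn, crit)
    if state == UNKNOWN:
        return UNKNOWN, f"DISK UNKNOWN - bad thresholds warn={warn} crit={crit}"
    # Text before '|' is shown to the operator; the part after it is
    # performance data in label=value;warn;crit form.
    line = (f"DISK {LABELS[state]} - {used_pct:.1f}% used on {path}"
            f" | used_pct={used_pct:.1f}%;{warn:g};{crit:g}")
    return state, line


if __name__ == "__main__":
    # Usage (assumed): check_disk.py PATH [WARN_PCT CRIT_PCT]
    try:
        target = sys.argv[1] if len(sys.argv) > 1 else "/"
        limits = [float(a) for a in sys.argv[2:4]]
    except ValueError:
        print("DISK UNKNOWN - thresholds must be numbers")
        sys.exit(UNKNOWN)
    code, text = check_disk(target, *limits)
    print(text)
    sys.exit(code)
```

Returning UNKNOWN when the path cannot be read or the thresholds are inverted keeps a broken check from showing up as a healthy service.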
2.3 Definition of Pertinent Technical Terminologies

2.3.1 Network Management

Network management means different things to different people. In some cases, it involves a solitary network consultant monitoring network activity with an outdated protocol analyzer. In other cases, network management involves a distributed database, auto polling of network devices, and high-end workstations generating real-time graphical views of network topology changes and traffic. In general, network management is a service that employs a variety of tools, applications, and devices to assist human network managers in monitoring and maintaining networks. [Cisco, 2002].

2.3.2 The Functional Area of Network Management

In an attempt to better understand the goals of network monitoring, it is useful to have a model of some kind. The International Telecommunications Union (ITU) proposed a network management model aimed at understanding the major functions of network management and monitoring software. This management model forms part of the X.700 series of documents from the ITU and is based on the Open Systems Interconnect (OSI) reference model. It is in the process of being standardized by the International Standards Organization (ISO). It addresses five conceptual areas, being: performance management, configuration management, accounting management, fault management and security management [Rose, 1991].

These conceptual areas are useful in understanding the goals of network monitoring and management, but first we need to differentiate between the two. The difference between network management and network monitoring is blurred; people tend to use the two terms interchangeably. For the purposes of this document the term "monitoring" will be used to refer to systems that simply observe and report on a network, without taking any corrective action of their own accord. The term "management" will be used to refer to systems that both monitor a network and take corrective or preventative maintenance action without the need for intervention. As such, "network monitoring" is a subset of "network management". For this reason, although the ISO model refers to network management, a large proportion of the ideas it contains are applicable to the role of network monitoring.

The five areas contained in the ISO model will now be examined in more detail:

1. Fault Management
Fault management is the detection of problems and faults on the network. Such faults should be properly logged, and if appropriate an alarm should be raised. This area is responsible for proper problem identification, determining the cause of the fault and ensuring the proper resolution of the problem. Management software operating in this area may attempt to correct faults on its own, whereas monitoring software relies on notifying somebody of the problem so that they can intervene. [Halse, 2002]

2. Configuration Management
The aim of configuration management is to keep track of the network's configuration, both hardware and software. This area includes keeping track of what computers and networking infrastructure are on a network, and how they are interconnected. In addition, configuration management includes following what software versions each device is running, as well as the software configuration of each device. [Halse, 2002]

3. Security Management
Security management incorporates all aspects of authentication and access control, from the definition of access policies to the enforcing of those policies. Security management software may need to be aware of access control lists (ACLs), users' access levels, and all other areas of security policy. All transactions should be properly logged to create an audit trail.
Exception reports can be generated for events that fall out of the scope of the defined policies, and these reports can be used to alert administrators of the policy violation. [Halse, 2002]

4. Performance Management
The area of performance management looks at the current and expected performance of the network, now and in the future. Elements of network performance that may be monitored include availability, response time, error rate, throughput and utilization. This information may be compared to theoretical performance levels, historical averages or norms in order to determine how well the network is currently performing. Erratic behavior and unusual changes in performance may help to predict network faults before they occur, enabling network managers to take preemptive measures. Historical performance information of this sort may be used to determine network growth and predict usage patterns. This data can, in turn, be used to aid in network capacity planning. [Halse, 2002]

5. Accounting Management
Accounting management covers two broad areas: asset control and cost management. Asset control refers to knowing what computers are on the network, who they belong to, who is using them, and perhaps where they are located. The second area, cost management, looks at what the costs of providing network services are and how they are paid for. This may include charging models that see users in some way pay for the resources they use. The management of such charging modules, as well as the gathering of any data required to implement them, falls within the scope of this area. [Halse, 2002]