Seeking Watchdog Hardware?

hpavc asks: "I have played with watchdog daemons and hacks on and off for a while. I am wondering if there are any reccomendations out there for which real cards watchdog cards are of the best value. Or as some suggest is it all just a scam. From what I read the mechanisms of the cards differ greatly, both in their monitoring and their response. From simply watching an area of DMA to an embedded device with a os that monitors a large amount of things on the computer hardware and the environment. (tia)"

IN SOVIET RUSSIA

[CableModemSniper]

Ah forget it, I am just not good enough for the soviet russia troll. I'll try a Beowulf instead: "Imagine..." Ah forget it, I am just not into it.

Free hardware

[arcadum]

I think the pound is giving away free tags with every adoption.

Two hardware methods

[FueledByRamen]

I'm assuming you'd be using this with Linux, correct? If you are, this would be _easy_ (although it would work with any other OS you knew how to write drivers for). Two ways:

1. Your machine must have an ISA slot (or you must know how the hell PCI works). Make a card with an onboard micro (something simple - 68HC11, 8052) connected to an unused IRQ and a chip-select system for an address in the middle of ISA adapter card space. Every 1 second, have the micro trigger an interrupt. The OS should see this if it's still alive and kicking in some fashion. If it doesn't see some pattern of 8 writes to that address space within a short period of time, have it short the hardware reset pins together (plug an unused port on the micro into the reset header on the mobo).

2. Same concept, different implementation. Hook a micro (BASIC stamp would be perfect for this, cheap and easy to program) up to the serial port. If it sees the repeating character stream sent out by the OS, all is well. If it stops for more than 1 sec or so, hardware-reset time!

Both of these would be relatively easy to implement for someone with hardware knowledge, and fairly inexpensive (ISA board would be maybe $20 in parts + whatever an ISA prototyping card costs, serial port version $45 for Basic Stamp kit + MAX232ACPE RS232 level-shifter chip and associated capacitors).

Re:Two hardware methods

[unitron]

"...connected to an unused IRQ..."

Why wasn't this modded +5 Funny?

Re:Two hardware methods

Actually if you are going down the PIC route and you have USB available, there are USB pics out there that would be even easier to assemble. One plus to this is that you can even build it to be configurable inside and outside the case. And for the real hackers, you can put a display interface and stream display info through the pic. When the info stops, setup the pc for a reset or power off.

Re:Two hardware methods

You're recommending a processor to build a simple circuit? Talk about hardware bloat!

a chip-select system for an address in the middle of ISA adapter card space.

Typically, the watchdog cards use an I/O address.

Rather than making an ISA card (for a one-off card, you can't afford to pay the ridiculous PCI fees), you might want to make a small board that you trigger from one of the lines from a serial port. That will save you a large expensive board with an edge connector and bracket. It will also save you the hassle of wiring-up the address decoding.

Rather than using an expensive processor(!!), look into using a 555 timer. You can even buy it at Rat Shack. Hook the output through a small relay to your reset line. I still can't believe someone would recommend a processor for a job like this.z

Most Unsecure OS? Yep, It's Linux

November 26, 2002 | Paul Thurrott

According to a new Aberdeen Group report, open-source solution Linux has surpassed Windows as the most vulnerable OS, contrary to the high-profile press Microsoft's security woes receive. Furthermore, the Aberdeen Group reports that more than 50 percent of all security advisories that CERT issued in the first 10 months of 2002 were for Linux and other open-source software solutions. The report muddles the argument that proprietary software such as Windows is inherently less secure than open solutions. And here's another blow to the status quo: Proprietary UNIX solutions were responsible for just as many security advisories as Linux in the same time period. Could Windows be the most secure mainstream OS available today?

"Open-source software, commonly used in many versions of Linux, UNIX, and network routing equipment, is now the major source of elevated security vulnerabilities for IT buyers," the report reads. "Security advisories for open-source and Linux software accounted for 16 out of the 29 security advisories--about one of every two advisories--published for the first 10 months of 2002. During this same time, vulnerabilities affecting Microsoft products numbered seven, or about one in four of all advisories."

The stunning report makes several claims that seem to fly in the face of widely accepted beliefs. First, the Aberdeen Group says that Windows-based Trojan horse attacks peaked in 2001, when CERT released six such advisories, then bottomed out this year, when CERT didn't issue any alerts. However, Trojan horse-based attacks on Linux, UNIX, and open-source projects jumped from one in 2001 to two in 2002. The Aberdeen Group says this information proves that Linux and UNIX are just as prone to Trojan horse attacks as any other OS, despite press reports to the contrary, and that Mac OS X, which is based on UNIX, is also vulnerable to such attacks. Even more troubling, perhaps, is the use of open-source software in routers, Web servers, firewalls, and other Internet-connected solutions. The Aberdeen Group says that this situation sets up these devices and software products to be "infectious carriers" that intruders can easily usurp.

According to the Aberdeen Group, the open-source community's claim that it can fix security vulnerabilities more quickly than proprietary developers can means little. The group says that the open-source software and hardware solutions need more rigorous security testing before they're released to customers. This statement is particularly problematic because many Linux distributions lack the sophisticated automatic-update technologies modern Windows versions contain.

We can rail against Microsoft and its security policies, but far more people and systems use Microsoft's software than the competition's software. I believe that we'll never know how secure Linux is, compared with Windows, until a comparable number of people and systems use Linux. But despite the fact that Linux isn't as prevalent as Windows, we're still seeing a dramatic increase in Linux security advisories today. I think the conclusion is obvious.

PCI-WDT500

[hectorh]

I have used the PCI-WDT500 before and it worked just perfectly.

My application was a mpeg stream server using icecast.

I modified the icecast code so that it reset the watchdog timer after some important sections of code. If for any reason the icecast server would not be able to perform those tasks (ie, the mpeg stream was not being transmitted), the watchdog timer would expire and the machine would reboot.

Needles to say, this method would cover all types of problems from bugs in icecast, to kernel panics, hardware failures and network problems.

The PCI-WDT500 is a PCI bus version, so it will work with all newer systems. All you need to install it is to hook it up to the hardware reset line.

Watchdog and timer cards for linux

[bradams]

This link has info on linux watch dogs.
watchdog and timer cards for linux

If all you need is lockup detection

[Yarn]

From /usr/src/linux/Documentation/nmi_watchdog.txt:

On Intel and similar ix86 type hardware there is a feature that enables us to generate 'watchdog NMI interrupts'. (NMI: Non Maskable Interrupt which get executed even if the system is otherwise locked up hard). This can be used to debug hard kernel lockups.

IBM's Automatic Server Restart

[Khazunga]

If you still didn't buy your servers, IBM's xSeries servers come with a watchdog integrated in the motherboard. They call it Automatic Server Restart, and works like any other watchdog. Set it up, call it every x seconds. Fail for n times, and the machine reboots on its own.

If the xSeries has it, I'd imagine the pSeries does too -- but, alas, I have none of those :-P

Re:IBM's Automatic Server Restart

[cpthowdy]

If anyone cares, Compaq, er, HP has ASR also in the Proliant servers.

Watchdog PCI card

[jafuser]

What's wrong with something like this?

http://www.berkprod.com/pci_pc_watchdog.htm

Supports Linux and Windows...

Chipset timeout.

[toft]

intel i8xx chipsets (or only some?) have an integraded watchdog timer. Look at the i810_tco driver in linux. It actually works on my ThinkPad to..

Sun boxen

[Gothmolly]

Have this. It's called LOM (Lights Out Management). Full serial manageability, and a hardware reset gizmo on the system board. Run "lom -d 40000,10000" and if the box hangs for 40 seconds, it gets rebooted.