Slashdot Mirror

← Back to Stories (view on slashdot.org)

Build Your Own NOC

Posted by timothy on from the role-playing-game dept.

Geminus writes "Ever wanted to build a cheap NOC but had difficulty explaining tech stuff to bean counting managers? Here's the basics on building one for under two grand. Makes for a pretty good dog-n-pony show, and proves useful too! Damn, I want to be an Armchair Network Operations Center General."

8 of 267 comments (clear)

  1. Re:The article. by KrispyKringle · · Score: 5, Insightful

    Probably right. I've wondered about this before, when seeing these statements. But at least you don't have to worry about leaking information or being used as an intermediate host in an attack. Worst case is essentially a DOS. On the other hand, were this a logging host, you could concievably infect it as you mentioned, download to it a simple program (you'd have to hope you download it right, since there won't be any way to do TCP style checksumming, I suppose) and have it grep through the logs to remove entries with your IP address or whatever, all automatically. No? But that'd be a bitch of an exploit, if you could pull it all off all one way.

  2. Re:coulda used this two years ago... by Anonymous Coward · · Score: 4, Insightful

    This article was barely a page in length and revealed nothing concrete. This is meant as more of a joke than anything else, I assume. I hope you were joking as well... because that is pathetic if you'd need this article to learn how to build a NOC.

  3. My NOC is my PowerBook. by Mordant · · Score: 3, Insightful

    With very few exceptions (military, financial, public utilities sectors), it's pretty passe to have a 24/7/365 manned NOC, anymore, given VPN technology, the quality of remote-administration tools, etc.

    It just isn't necessary, anymore.

    1. Re:My NOC is my PowerBook. by KrispyKringle · · Score: 3, Insightful
      Many large networks with critical infrastructure like to have something that's manned most of the time, though 24/7/265 gets pricey. The reason's pretty obvious. If at 3 AM your network goes down, you don't really want all your customers to be up the creek 'till 9 on Monday.

      If you're talking about corporate networks, you're probably right. But if you're talking about hosting companies, ISPs, companies that host their own critical infrastructure (like those you listed above), then the NOC, in some form or another, makes sense, doesn't it?

  4. Re:For a real opensource NOC by Anonymous Coward · · Score: 5, Insightful

    Unfortunately, as someone who has had to support real NOCs for real networks on a tight budget, I can state without reservation that the open source tools you mention (MRTG/RRD, OpenNMS) are mediocre to the point of unusability.

    Some people might find this puzzling, but the best NOC systems I've used on tight budgets were homegrown applications, usually after trying out and discovering the deficiencies of the open source tools. It isn't that hard to write a good NMS, but once someone rolls their own good one in-house, it rarely gets released into the wild. For that matter, many of the commercial packages are steaming piles, so if you have a talented programmer or two on staff, you can add value to your company by just writing your own NMS and not waste time with mediocre packages.

    This is one of those things that SOMEONE could do well in the open source domain, but I haven't seen it. When someone hacks together the foundation of a really slick NMS at some company that needs it, it inevitably becomes a competitive asset and therefore cloistered in the bowels of engineering. Having a killer NMS is a significant competitive advantage, and the field is populated with enough mediocre solutions right now that there is significant financial pressure to keep NMS code bases proprietary.

  5. please say no to unexplained acronyms by altaic · · Score: 5, Insightful

    It would really be better if stories like this were not chosen for the front page. Whenever a story is posted with unexplained acronyms, tons more people click the links to see wtf it's talking about. More people who don't care about the actual (obscured) topic needlessly eat up the bandwidth, and the links are slashdotted much sooner. I know this is off-topic, however it does pertain to this story...

  6. Re:Vulnerability of receive-only by Lumpy · · Score: 3, Insightful

    first of all you have to FIND it. It's not going to be admitting that it even exists on the network. so you either needto make a bunch of wild ass guesses, have inside information, or start systematically attacking all the non-sctive IP addresses in the subnet.

    all of which will set off lots of NOC alarms before you even get to the machine.

    --
    Do not look at laser with remaining good eye.
  7. This article is great... by ApheX · · Score: 3, Insightful

    Unless you suffer from a power outage. Then your 'NOC' is down, your servers down. Everything is useles and out of your control.

    Author should mention either hopping on eBay and getting a used rackmount UPS or building a battery backup yourself using car batteries. As crude as it sounds if you have the space (a seperate room) you can build a huge battery back up system for (relatively) next to nothing and be able to simply add more batteries for longer uptime, etc.

    --

    -
    aphex
    I Steal Music!