Beta
×

Welcome to the Slashdot Beta site -- learn more here. Use the link in the footer or click here to return to the Classic version of Slashdot.

Thank you!

Before you choose to head back to the Classic look of the site, we'd appreciate it if you share your thoughts on the Beta; your feedback is what drives our ongoing development.

Beta is different and we value you taking the time to try it out. Please take a look at the changes we've made in Beta and  learn more about it. Thanks for reading, and for making the site better!

Build Your Own NOC

timothy posted more than 10 years ago | from the role-playing-game dept.

Businesses 267

Geminus writes "Ever wanted to build a cheap NOC but had difficulty explaining tech stuff to bean counting managers? Here's the basics on building one for under two grand. Makes for a pretty good dog-n-pony show, and proves useful too! Damn, I want to be an Armchair Network Operations Center General."

cancel ×

267 comments

Sorry! There are no comments related to the filter you selected.

FP! KILL THE JEWS! (-1, Troll)

Anonymous Coward | more than 10 years ago | (#7722740)

iji iji iji iji iji iji jtiji iji iji iji iji iji
iji iji iji iji iji ijjDMNQtiji iji iji iji iji ij
iji iji iji iji iji cXMNMNMNQjiji iji iji iji iji
iji iji iji iji ijcSMNMNMNMNHJiji iji iji ij iji ij
iji iji iji iji iSWMNMNMNMHJiji iji iji ij iji iji
iji iji iji iji6WMNMNMNMNYiji iji Jciji iji iji ij
iji iji iji i5WMNMNMNMN5iji iji JHMNSc iji iji iji
iji iji iji5NMNMNMNMW5iji iji JHMNMN MWSiji iji iji
iji iji ijcXMNMNMNMNNYiji ijtKMNMN MNMNMW6iji iji i
iji iji iji jDMNMNMNMNHJijtQMNMN MNMNMNMNMW5iji iji
iji itciji iji QMNMNMNMNKDMNMN MNMNQWMNMNMNMN5iji i
ijitKMWSiji iji jQMNMNMNMNMN MNMNQtijSWMNMNMNMNYiji
itQMNMNMW6iji iji tKMNMNMN MNMNKtiji icSMNMNMNMNHJi
iJHMNMNMNMW6iji ijcSMNMN MNMNMNDjiji ijicXMNMNMNN5i
ijiYNMNMNMNMN5ijiSWMNM MNMNMNMNMNDciji ijicDMNW6iji
iji i5NMNMNMNMNSWMNM MNMNHNMNMNMNMNXciji iji 5iji i
iji iji5WMNMNMNMNM MNMNN5ij5NMNMNMNMNSciji iji iji
iji iji i6WMNMNM MNMNW5iji ij6WMNMNMNMWSiji iji iji
iji iji ijiSWM MNMNW6iji iji tKMNMNMNMNXciji iji ij
iji iji iji cSMNWSiji iji tQMNMNMNMNDjiji iji iji
iji iji ij iji c6ciji iji QMNMNMNMNQjiji iji iji ij
iji iji iji iji iji ijjDMNMNMNMNQtiji iji iji iji
iji ij iji iji iji ijcXMNMNMNMNKtiji iji iji iji ij
iji iji iji iji iji jQMNMNMNHJiji iji iji iji iji
ij iji iji iji iji iji tKMNHJiji iji iji iji iji ij
iji iji iji iji iji iji tYiji iji iji iji iji ij ij

Re:FP! KILL THE JEWS! (-1, Troll)

DJBanaan (700806) | more than 10 years ago | (#7722794)

Could someone tell just what the fsck this is supposed to be? Could someone remove this crap ASAP please?

Re:FP! KILL THE JEWS! (-1, Offtopic)

Anonymous Coward | more than 10 years ago | (#7722807)

You made an account and _this_ is the first thing you post?

Re:FP! KILL THE JEWS! (-1, Offtopic)

iamplupp (728943) | more than 10 years ago | (#7722836)

dont feed the trolls...

PENIS!! (-1, Flamebait)

Anonymous Coward | more than 10 years ago | (#7722745)

penis!! yay, penis!!!! three cheers for penis!! hip hip horray! hip hip horray! hip hip horray! ahhhh penis.

Post (-1, Flamebait)

JZlives (677468) | more than 10 years ago | (#7722746)

Gee, this proves that if I spend enough time surfing slashdot, I can get first post. Or not.

Join the Simoniker Fan Club! (-1, Offtopic)

Anonymous Coward | more than 10 years ago | (#7722748)

SFC (SIMONIKER FAN CLUB) is the first organization which
gathers SIMONIKER FANS from all over America and abroad for one common goal - being SIMONIKER FANS.

Are you INTELLIGENT?
Are you a SLASHDOT READER?
Are you an INTELLIGENT SLASHDOT READER?

If you answered "Yes" to any of the above questions, then the SFC (SIMIONIKER FAN CLUB) might be exactly what you've been looking for!
Join SFC (SIMONIKER FAN CLUB ) today, and enjoy all the benefits of being a full-time SFC member.
SFC (SIMONIKER FAN CLUB ) is the fastest-growing SIMONIKER FAN community with THOUSANDS of members all over United States of America. You, too, can be a part of SFC if you join today!

Why not? It's quick and easy - only 2 simple steps!

First, you have to obtain a copy of Simonikers list of stories [slashdot.org] and read them.

Second, you need to join the official SFC irc channel #SFC on EFNet, and apply for membership.
Talk to one of the ops or any of the other members in the channel to sign up today!

If you are having trouble locating #SFC, the official SIMONIKER FAN CLUB irc channel, you might be on a wrong irc network. The correct network is EFNet, and you can connect to irc.secsup.org or irc.isprime.com as one of the EFNet servers.

If you have mod points and would like to support SFC, please moderate this post up.

This post brought to you by a proud member of SFC

Re:Join the Simoniker Fan Club! (-1, Offtopic)

Anonymous Coward | more than 10 years ago | (#7722893)

Are you an INTELLIGENT SLASHDOT READER?

Such a person does not exist, sir.

to be a noc (0)

nil5 (538942) | more than 10 years ago | (#7722750)

don't you need some reason?

i mean, what's the point unless you have subscribers?

Re:to be a noc (-1, Offtopic)

pope-on-a-rope (622637) | more than 10 years ago | (#7722766)

you want a reason? e-penis++

And the Obligatory... (-1, Troll)

Tha_Big_Guy23 (603419) | more than 10 years ago | (#7722756)

Imagine a beowulf cluster of these...

Speed kills computers. (5, Funny)

Anonymous Coward | more than 10 years ago | (#7722757)

NOC=Nitrous Oxide Computing.

Re:Speed kills computers. (0, Redundant)

Anonymous Coward | more than 10 years ago | (#7723036)

Thats NOX u ninney

That was fast (1, Funny)

dunelin (111356) | more than 10 years ago | (#7722767)

Only 7 (now 8) comments and they're already slashdotted. Way to go, guys.

Re:That was fast (0)

Anonymous Coward | more than 10 years ago | (#7722826)

Redundant to what, exactly, O wise moderator?

Re:That was fast (-1, Flamebait)

Anonymous Coward | more than 10 years ago | (#7722972)

it's fucking redundant because EVERYTIME THERE'S AN ARTICLE, THE SITE GETS SLASHDOTTED.

then everytime, some fucking lamer posts:

"gee, only 5 posts, and the site is down"

THIS IS SLASHDOT!

and the moderator is trying to, in a not so subtle way, tell you to take your head out of your ass, and quit posting:

"gee, only 7 posts, and the site is slashdotted allready"

this is slashdot. we know already.

and you?

what's your excuse?

Re:That was fast (-1, Offtopic)

Anonymous Coward | more than 10 years ago | (#7723056)

Hey you third nipple, is this your fucking Haiku rant or what?

WOPR (-1, Funny)

Transient0 (175617) | more than 10 years ago | (#7722769)

They use the acronym WOPR in the article and i think they just might mean Weapon of Public Relations...

If I'm right, it's hilarious. If I'm wrong, then I propose this as the new expansion of whatever this acronym is supposed to actually mean.

Re:WOPR (2, Informative)

Anonymous Coward | more than 10 years ago | (#7722815)

War Operation Programmed Response

from the movie War Games

Re:WOPR (5, Informative)

Anonymous Coward | more than 10 years ago | (#7722820)

Geezus... Everyone who's a true nerd knows that the WOPR is the War Operations box that was in the movie WarGames (Matthew Broderick)....

You know, the movie that made it absolutely *impossible* to get a dial-up into any BBS in the country for about 3 weeks after the movie came out...

Then again, I've been hacking around since about '76, so maybe I'm just showing my age...

Re:WOPR (2, Informative)

Dave Beta (643388) | more than 10 years ago | (#7722824)

They use the acronym WOPR in the article and i think they just might mean Weapon of Public Relations

Considering the earlier reference in the article to WarGames, I think it's safe to say they are using WOPR to mean "War Operations Plan and Response".

hmmm...4 comments and it's slashdotted? (4, Funny)

yroJJory (559141) | more than 10 years ago | (#7722772)

I guess you can build your own NOC, but if you don't have enough bandwidth, you can't teach others how to do it.

There have been 4 comments so far and the story is already slashdotted!

Re:hmmm...4 comments and it's slashdotted? (5, Funny)

germanbird (710853) | more than 10 years ago | (#7722790)

Obviously the Armchair Network Operations Center Generals did not prepare a contigency plan for the slashdot effect...

Re:hmmm...4 comments and it's slashdotted? (5, Funny)

lithiumcloud (573531) | more than 10 years ago | (#7722822)

it's supposed to be a really cheap noc. go figure.

coulda used this two years ago... (4, Funny)

ruebarb (114845) | more than 10 years ago | (#7722774)

I was part of a company that wanted to branch into network management for others

problem was, to sell your services as a NOC, you have to already have it built, which we didn't have...we had a bunch of fake looking tools, though...

where was this two years ago when I needed it...LOL

RB

Re:coulda used this two years ago... (4, Insightful)

Anonymous Coward | more than 10 years ago | (#7722931)

This article was barely a page in length and revealed nothing concrete. This is meant as more of a joke than anything else, I assume. I hope you were joking as well... because that is pathetic if you'd need this article to learn how to build a NOC.

Just add... (5, Funny)

neiffer (698776) | more than 10 years ago | (#7722777)

Just add an LCD projector and I can play a 3d shooter on the big screen while keeping track of network packets.

Re:Just add... (2, Funny)

karnal (22275) | more than 10 years ago | (#7722840)

Or, perhaps someone will come up with the bright idea to let you shoot packets whilst in the 3d game...

"Oops, sorry about that boss. That was a nasty zombie.... whaddya mean that was my raise paperwork????!!!"

Re:Just add... (0)

Anonymous Coward | more than 10 years ago | (#7722920)

http://members.iinet.net.au/~bofh/newbofh/bofh10ja n.html

Then search for "boss mode". The BOFH is the best thing that I have ever read (well for the point of being in IT that is ad wanting to crush some of my lUusers)

Tim

psDooM? (5, Informative)

runlvl0 (198575) | more than 10 years ago | (#7722935)

Or, perhaps someone will come up with the bright idea to let you shoot packets whilst in the 3d game...

Kind of like psDooM [sourceforge.net] (as seen on Slashdot [slashdot.org] ), but at the network level? I'll betcha it could be done.

NOC???? (0, Interesting)

CyberBill (526285) | more than 10 years ago | (#7722779)

What in gods name is NOC?
Nerds on Crack...
Nice/Naughty old Chicks...

-Bill

Re:NOC???? (0)

Anonymous Coward | more than 10 years ago | (#7722789)

Nobody On Call!!!

Re:NOC???? (3, Informative)

bluekanoodle (672900) | more than 10 years ago | (#7722791)

Network Operations Center

Re:NOC???? (2, Funny)

beeudoublez (619109) | more than 10 years ago | (#7722795)

No One Cares

(outside IT that is)

Re:NOC???? (0, Redundant)

lithiumcloud (573531) | more than 10 years ago | (#7722835)

RTFA

Re:NOC???? (0)

Anonymous Coward | more than 10 years ago | (#7722964)

How?
I find this article very slashdotted. :)

Re:NOC???? (1)

lithiumcloud (573531) | more than 10 years ago | (#7723000)

Well, it's all cleared up by the cut-and-paste karma whores in the comments now, so just read through.

Re:NOC???? (0)

Anonymous Coward | more than 10 years ago | (#7722841)

RTFM

Who wants to sit there though? (0)

beeudoublez (619109) | more than 10 years ago | (#7722780)

My NOC is extremely loud, cold and blows air through vents convienently located by my chair or whatever rack I'm working on. But yes, what about the key-card lock? That is what justifies 'value' to the bean counters.

Slashdotted already (4, Funny)

CyberSlugGump (609485) | more than 10 years ago | (#7722782)

It must have been a *really* cheap NOC!

Wait--it's loading, SLOWLY (-1, Redundant)

CyberSlugGump (609485) | more than 10 years ago | (#7722796)

Blatantly copied from the site:

The Network Operations Center or NOC is the cornerstone of all computer networks. I've worked at AT&T's NOC, been around Government NOCs and seen small scaled versions. Most look like something out of the movie, "WarGames" and surprisingly, whether you're a Linux or Windows fan you can build one for cheap and be your own armchair NOC General.

What does a NOC do? It monitors connections, network activity, spots problems, conducts threat assessments, and calculates scalability requirements with customer demands... it also puts on a pretty good "dog-n-pony" show for potential investors and customers.

What's required? Again, surprisingly not too much! Depending on the size of your company, this can be achieved with as little as an 8' X 10' room, and 4 computers. Trust me, you more than likely do not need a $15,000 Cisco PIX or Nokia firewall (which runs Linux derivatives).

You'll need at least three big monitors (the bigger the better), two smaller ones (17"), a KVM switch, and OOB dialup. Here's the loadout:

1. Firewall: Get a copy of IPCOP... its Smoothwall on steroids and very easy to configure. It has a built in Intrusion Detection System, Proxy logging, and you can use Coyote Linux as a failover if you think you are being attacked. This package uses a web interface, so there's no need for a
monitor, keyboard, or mouse. These software elements are also free. Minimum requirements are a 333Mhz system with 64MB of RAM and a 2.1GB Hard-Drive.

2. Network Monitoring: Download a copy of F.I.R.E. and run it on a barebones 600 Mhz system. Configure and open Etherape on a monitor for an Air Traffic Controller's view of your network activity... bean counters love this. If you're being attacked or infected, you will quickly see where it's coming from. You should also use a receive only sniffer cable on this box to protect integrity... a receive only box has a zero chance of infection as it's physically impossible.

3. Got wireless? Download and run Airsnare with a semi hyped up Wireless antenna, and you'll quickly spot any war-drivers or unauthorized network connections. If you have an old directional motorized TV antenna system lying around you can go uber-elite and connect a cheap phased array panel antenna or cantenna to locate your wireless intruder with NetStumbler. This can all equally run on a 333Mhz Windows based system.

4. Workstation: Here's the beef... a 1.2Ghz, 512MB, 20GB computer, with dual head Matrox card, with dual booting OS (Linux & Windows), Preferably Linux with a Windows VMWARE guest OS. Trust me, once you go Dual-Head, you won't go back. The best Linux Dual-Head OS is SuSE 8.3. Tie this into the KVM to modify any of your servers.

5. Red Phone... afterall, who doesn't want one? You're batman right?

Your first Monitor should be watching CNN or the weather channel (depending on location), the second should be running Etherape, and the third should be running Airsnare or Windows Services Monitors (CPU, Netload, etc.) All of the software here except Windows is free, and easy to configure... except maybe your General's chair. In the end, aside from having your own
WOPR, you have a NOC for just under $2,000.00

William M. Nett

Links:
http://www.ipcop.org
http://www.coyotel inux.com
http://prdownloads.sourceforge.net/biatc hux/fire-0 .4a.iso?download
http://etherape.sourceforge.net/ images/v0.5.5.png An etherape screenshot
http://www.netstumbler.com
http://hom e.comcast.net/~jay.deboer/airsnare/downl oad.htm

Nightmares. (2, Insightful)

DAldredge (2353) | more than 10 years ago | (#7722784)

This will cause me to have nightmares. I hope they are joking.

Untold Story (-1, Offtopic)

mholt108 (229701) | more than 10 years ago | (#7722785)

Itis a little know factt that Actually Sadam had a NOC in his HOLE

I found this article... (-1, Flamebait)

Anonymous Coward | more than 10 years ago | (#7722793)

... surprisingly difficult to masturbate to.

Just one minor change... (4, Funny)

jkrise (535370) | more than 10 years ago | (#7722797)

The NOC advisory "Your first Monitor should be watching CNN or the weather channel"

Change that to Slashdot, Kuro5in, TheRegister, ThtOnion or something else. No CNN please.... if you have any sense of self-esteem, that is.

-

Re:Just one minor change... (5, Funny)

jkitchel (615599) | more than 10 years ago | (#7722855)

No CNN please.... if you have any sense of self-esteem, that is.

Ok, fine. Make that Fox News then.
*runs for cover*

Re:Just one minor change... (-1, Offtopic)

Anonymous Coward | more than 10 years ago | (#7722930)

Arrrggghhh!

Re:Just one minor change... (2, Insightful)

DAldredge (2353) | more than 10 years ago | (#7722944)

Fox News Alert.
Perterson Case
Fox News Alert
Jackson Case
Fox News Alert
Toby Case
Fox News Alert
More Mindless crap.

And this is coming from someone who in the past bought dish network so I could watch fox news. But that is before it turned into all trash, all the time.

The article. (5, Informative)

Anonymous Coward | more than 10 years ago | (#7722798)

A Website Dedicated to Computer Professional...and some not so Professional
How to build a cheap Security NOC
William M. Nett

The Network Operations Center or NOC is the cornerstone of all computer networks. I've worked at AT&T's NOC, been around Government NOCs and seen small scaled versions. Most look like something out of the movie, "WarGames" and surprisingly, whether you're a Linux or Windows fan you can build one for cheap and be your own armchair NOC General.

What does a NOC do? It monitors connections, network activity, spots problems, conducts threat assessments, and calculates scalability requirements with customer demands... it also puts on a pretty good "dog-n-pony" show for potential investors and customers.

What's required? Again, surprisingly not too much! Depending on the size of your company, this can be achieved with as little as an 8' X 10' room, and 4 computers. Trust me, you more than likely do not need a $15,000 Cisco PIX or Nokia firewall (which runs Linux derivatives).

You'll need at least three big monitors (the bigger the better), two smaller ones (17"), a KVM switch, and OOB dialup. Here's the loadout:

1. Firewall: Get a copy of IPCOP... its Smoothwall on steroids and very easy to configure. It has a built in Intrusion Detection System, Proxy logging, and you can use Coyote Linux as a failover if you think you are being attacked. This package uses a web interface, so there's no need for a
monitor, keyboard, or mouse. These software elements are also free. Minimum requirements are a 333Mhz system with 64MB of RAM and a 2.1GB Hard-Drive.

2. Network Monitoring: Download a copy of F.I.R.E. and run it on a barebones 600 Mhz system. Configure and open Etherape on a monitor for an Air Traffic Controller's view of your network activity... bean counters love this. If you're being attacked or infected, you will quickly see where it's coming from. You should also use a receive only sniffer cable on this box to protect integrity... a receive only box has a zero chance of infection as it's physically impossible.

3. Got wireless? Download and run Airsnare with a semi hyped up Wireless antenna, and you'll quickly spot any war-drivers or unauthorized network connections. If you have an old directional motorized TV antenna system lying around you can go uber-elite and connect a cheap phased array panel antenna or cantenna to locate your wireless intruder with NetStumbler. This can all equally run on a 333Mhz Windows based system.

4. Workstation: Here's the beef... a 1.2Ghz, 512MB, 20GB computer, with dual head Matrox card, with dual booting OS (Linux & Windows), Preferably Linux with a Windows VMWARE guest OS. Trust me, once you go Dual-Head, you won't go back. The best Linux Dual-Head OS is SuSE 8.3. Tie this into the KVM to modify any of your servers.

5. Red Phone... afterall, who doesn't want one? You're batman right?

Your first Monitor should be watching CNN or the weather channel (depending on location), the second should be running Etherape, and the third should be running Airsnare or Windows Services Monitors (CPU, Netload, etc.) All of the software here except Windows is free, and easy to configure... except maybe your General's chair. In the end, aside from having your own
WOPR, you have a NOC for just under $2,000.00

William M. Nett

Links:
http://www.ipcop.org
http://www.coyotel inux.com
http://prdownloads.sourceforge.net/biatc hux/fire-0 .4a.iso?download
http://etherape.sourceforge.net/ images/v0.5.5.png An etherape screenshot
http://www.netstumbler.com
http://hom e.comcast.net/~jay.deboer/airsnare/downl oad.htm

Search Now:

E-mail your comments to dougchick@thenetworkadministrator.com
All rights reserved TheNetworkAdministrator.com

Disclaimer: The Opinions shared on TheNetworkAdministrator.com are contributed by its readers and does not express the opinion of the creators of this publication.

Re:The article. (5, Informative)

Silvers (196372) | more than 10 years ago | (#7722830)

"You should also use a receive only sniffer cable on this box to protect integrity... a receive only box has a zero chance of infection as it's physically impossible."

Am I the only one that balks at this statement? Maybe I am missing something but it does seem that even with rx-only you could be infected, just not by any connection oriented protocols? (Or maybe even still if some really strange bug crops up).

Or am I just missing something...

Re:The article. (5, Insightful)

KrispyKringle (672903) | more than 10 years ago | (#7722873)

Probably right. I've wondered about this before, when seeing these statements. But at least you don't have to worry about leaking information or being used as an intermediate host in an attack. Worst case is essentially a DOS. On the other hand, were this a logging host, you could concievably infect it as you mentioned, download to it a simple program (you'd have to hope you download it right, since there won't be any way to do TCP style checksumming, I suppose) and have it grep through the logs to remove entries with your IP address or whatever, all automatically. No? But that'd be a bitch of an exploit, if you could pull it all off all one way.

Re:The article. (2, Insightful)

psyki (653079) | more than 10 years ago | (#7722959)

With a "receive only sniffer", even if the machine gets infected it will have "zero chance" to infect other machines. Eric

Re:The article. (1)

wildchild07770 (571383) | more than 10 years ago | (#7722857)

So the first guy to post this gets modded down for redundancy and the second up for informative, gotta love slashdot.

Re:The article. (0)

Anonymous Coward | more than 10 years ago | (#7722977)

Post marked as redundant has time of December 15, @04:02PM, this one has time of December 15, @03:58PM.

He did not post it first troll, he was 4 minutes late. His post was redundant.

Re:The article. (1)

KFK - Wildcat (512842) | more than 10 years ago | (#7722903)

a receive only box has a zero chance of infection as it's physically impossible.

Huh? I don't get this... How would it be physically impossible to infect a receive only box?? (I figure *transmit* only is secure for sure, but receive?)

This article sucks (5, Informative)

0x0d0a (568518) | more than 10 years ago | (#7722922)

There is *not* a heck of a lot of content here.

Most of the information is more than obvious to anyone interested in running a NOC (incidently, left out of the Slashdot story is that this is a *Security* NOC).

I've seen random Slashdot posts that would be a lot more useful to someone interested in building a NOC than this thing.

That being said, my own two cents:

If you're using SNMP to manage your network, snmpwalk+scripts is good. If you can stomach not using open source software, Intermapper [intermapper.com] is really nice. Unfortunately, the two big open source competitors don't quite measure up -- Scotty [utwente.nl] is kind of old and grotty and rather TCL-oriented, and GxSNMP [gxsnmp.org] appears to be dead.

Etherape, as suggested in the article, isn't the greatest choice either...IIRC, it doesn't support satellites, which means it needs to be running on the actual network it's monitoring. Not really acceptable for a NOC tool. Etherape is also, in my experience, rather CPU-hungry. There are a lot of commercial traffic flow visualization tools...not sure what's best, as I haven't played with many.

All in all, while the article's worthy of a post in a random discussion, it really isn't worthy of a Slashdot story.

Re:The article. (3, Funny)

aardwolf204 (630780) | more than 10 years ago | (#7722955)

5. Red Phone... afterall, who doesn't want one? You're batman right?

Of course, then you can say stuff like "Get the Pentagon on the horn!" while smoking a stogie

NOC (5, Informative)

chunkwhite86 (593696) | more than 10 years ago | (#7722802)

For those who are wondering...

A NOC is a Network Operations Center. It is one room, typically filled with many displays of real-time data which display the health/status of a network.

NOC-Stock Market. (0)

Anonymous Coward | more than 10 years ago | (#7722837)

"A NOC is a Network Operations Center. It is one room, typically filled with many displays of real-time data which display the health/status of a network."

Sounds similiar to the setup at a financial trading house.

Re:NOC (0)

Anonymous Coward | more than 10 years ago | (#7722904)

you mean It's not the National Occupational Classification? *turns off the misson impossible theme music*

Re:NOC (1)

MyFourthAccount (719363) | more than 10 years ago | (#7723046)

For those who are wondering...

A NOC is a Network Operations Center


You mean for those that don't understand the first words on the first line of the article? -- The Network Operations Center or NOC ...

Oh, never mind...

Already Slashdoted Text (-1, Redundant)

KenFury (55827) | more than 10 years ago | (#7722813)

The Network Operations Center or NOC is the cornerstone of all computer networks. I've worked at AT&T's NOC, been around Government NOCs and seen small scaled versions. Most look like something out of the movie, "WarGames" and surprisingly, whether you're a Linux or Windows fan you can build one for cheap and be your own armchair NOC General.

What does a NOC do? It monitors connections, network activity, spots problems, conducts threat assessments, and calculates scalability requirements with customer demands... it also puts on a pretty good "dog-n-pony" show for potential investors and customers.

What's required? Again, surprisingly not too much! Depending on the size of your company, this can be achieved with as little as an 8' X 10' room, and 4 computers. Trust me, you more than likely do not need a $15,000 Cisco PIX or Nokia firewall (which runs Linux derivatives).

You'll need at least three big monitors (the bigger the better), two smaller ones (17"), a KVM switch, and OOB dialup. Here's the loadout:

1. Firewall: Get a copy of IPCOP... its Smoothwall on steroids and very easy to configure. It has a built in Intrusion Detection System, Proxy logging, and you can use Coyote Linux as a failover if you think you are being attacked. This package uses a web interface, so there's no need for a
monitor, keyboard, or mouse. These software elements are also free. Minimum requirements are a 333Mhz system with 64MB of RAM and a 2.1GB Hard-Drive.

2. Network Monitoring: Download a copy of F.I.R.E. and run it on a barebones 600 Mhz system. Configure and open Etherape on a monitor for an Air Traffic Controller's view of your network activity... bean counters love this. If you're being attacked or infected, you will quickly see where it's coming from. You should also use a receive only sniffer cable on this box to protect integrity... a receive only box has a zero chance of infection as it's physically impossible.

3. Got wireless? Download and run Airsnare with a semi hyped up Wireless antenna, and you'll quickly spot any war-drivers or unauthorized network connections. If you have an old directional motorized TV antenna system lying around you can go uber-elite and connect a cheap phased array panel antenna or cantenna to locate your wireless intruder with NetStumbler. This can all equally run on a 333Mhz Windows based system.

4. Workstation: Here's the beef... a 1.2Ghz, 512MB, 20GB computer, with dual head Matrox card, with dual booting OS (Linux & Windows), Preferably Linux with a Windows VMWARE guest OS. Trust me, once you go Dual-Head, you won't go back. The best Linux Dual-Head OS is SuSE 8.3. Tie this into the KVM to modify any of your servers.

5. Red Phone... afterall, who doesn't want one? You're batman right?

Your first Monitor should be watching CNN or the weather channel (depending on location), the second should be running Etherape, and the third should be running Airsnare or Windows Services Monitors (CPU, Netload, etc.) All of the software here except Windows is free, and easy to configure... except maybe your General's chair. In the end, aside from having your own
WOPR, you have a NOC for just under $2,000.00

William M. Nett

Links:
http://www.ipcop.org
http://www.coyotel inux.com
http://prdownloads.sourceforge.net/biatc hux/fire-0 .4a.iso?download
http://etherape.sourceforge.net/ images/v0.5.5.png An etherape screenshot
http://www.netstumbler.com
http://hom e.comcast.net/~jay.deboer/airsnare/downl oad.htm

The scary thing is.... (5, Interesting)

beeudoublez (619109) | more than 10 years ago | (#7722818)

what if your boss/manager saw this and decided this is all you needed for your budget?
Hard to justify higher costs when your proof of concept is some webpage discovered by your boss, we've all been there.

N/A (1, Funny)

mrpuffypants (444598) | more than 10 years ago | (#7722819)

Trust me, once you go Dual-Head, you won't go back.

I soooo wish that I'd get 'dual head' in my NOC...

Re:N/A (-1, Flamebait)

Anonymous Coward | more than 10 years ago | (#7722891)

Go fuck yourself with your trolling.

Wanker.

SuSe Linux 8.3 (5, Informative)

Anonymous Coward | more than 10 years ago | (#7722825)

>

1. SuSe 8.3 does not exist, it's in fact either 8.2 or 9.0.
2. There is curently no dual head driver from Matrox Parhelia. Olders Matrox's video card has dual head driver, but they don't work anymore with "recent" motherboard since motherboard's voltage is changed from 3.5 to 5 volts. And yes, 1.2 ghz-era computer are affected by this voltage change.
3. Vmware will be too slow with this configuration do to something really useful. Especially with dual heading.
4. This article is either a fake or a troll.

Re:SuSe Linux 8.3 (0)

Anonymous Coward | more than 10 years ago | (#7722843)

So it makes lots of technical errors. How is it a troll? How is NOC-building such an emotional issue? But even more, how is it fake? A fake of what? A real article? IT"S TELLING HOW TO BUILD A DAMN NOC!!!!!!!

Re:SuSe Linux 8.3 (1)

Anonymous Coward | more than 10 years ago | (#7722915)

The writer simply never builded the damn NOC, as this is a impossible to build configuration. I even saw a MS-office clipboard picture. Even more, he don't even own a noc, because he already slashdoted since the first four hits.

For a real opensource NOC (5, Interesting)

losttoy (558557) | more than 10 years ago | (#7722844)

You need:
1. A good network management system (Open-NMS)
2. A good systems monitoring system (MRTG+RRD Tool)
3. A good helpdesk software to follow trouble tickets.

Re:For a real opensource NOC (5, Insightful)

Anonymous Coward | more than 10 years ago | (#7723053)

Unfortunately, as someone who has had to support real NOCs for real networks on a tight budget, I can state without reservation that the open source tools you mention (MRTG/RRD, OpenNMS) are mediocre to the point of unusability.

Some people might find this puzzling, but the best NOC systems I've used on tight budgets were homegrown applications, usually after trying out and discovering the deficiencies of the open source tools. It isn't that hard to write a good NMS, but once someone rolls their own good one in-house, it rarely gets released into the wild. For that matter, many of the commercial packages are steaming piles, so if you have a talented programmer or two on staff, you can add value to your company by just writing your own NMS and not waste time with mediocre packages.

This is one of those things that SOMEONE could do well in the open source domain, but I haven't seen it. When someone hacks together the foundation of a really slick NMS at some company that needs it, it inevitably becomes a competitive asset and therefore cloistered in the bowels of engineering. Having a killer NMS is a significant competitive advantage, and the field is populated with enough mediocre solutions right now that there is significant financial pressure to keep NMS code bases proprietary.

Oh brother. (0, Insightful)

Anonymous Coward | more than 10 years ago | (#7722845)

I was intrigued by the title of this story and I read the article but it's a complete piece of fluff that is devoid of a point. Why would anyone build a NOC if they have N to monitor? The article suggests having a TV tuned into CNN. Is this a joke?

How do stories like this get through? (This isn't a rhetorical question. I'm sincerely curious.)

Re:Oh brother. (0, Offtopic)

Inthewire (521207) | more than 10 years ago | (#7722913)

Easily.

Duh.

quote missing (-1, Redundant)

Anonymous Coward | more than 10 years ago | (#7722849)

oups, my quote did not copy correctly into slashdot, here it is:
"Workstation: Here's the beef... a 1.2Ghz, 512MB, 20GB computer, with dual head Matrox card, with dual booting OS (Linux & Windows), Preferably Linux with a Windows VMWARE guest OS. Trust me, once you go Dual-Head, you won't go back. The best Linux Dual-Head OS is SuSE 8.3. "

My NOC is 66 square feet,3TB of traffic (5, Interesting)

Anonymous Coward | more than 10 years ago | (#7722870)

Bashed out a window so a fan can circulate air, installed 4 of the cheap open frame racks, use a OpenBSD firewall and all of our servers run FreeBSD. It costs next to nothing to set up. Idiots down the hall from us spend $1.5 million on their room, $100K just for the air conditioner. The funny thing is they do 1/100th of the traffic we do. Believe me, the "IT" industry is set up to rip you off if you don't know what you're doing. This stuff can be done a lot cheaper than the suits lead you to believe. This is how we survived the bubble while the floor outside our door got marked up from other occupants expensive equipment getting moved in, and then out!

Mirror (5, Informative)

TPS Report (632684) | more than 10 years ago | (#7722912)

Mirror Here [wiretapped.us] . I'll mirror the rest of the page, as soon as he recovers from the shock [freep.com] and replaces the charred, smoking remains of the server he once had.

Re:Mirror (1)

KrispyKringle (672903) | more than 10 years ago | (#7722927)

I managed to mirror my browser's cache of it, sans a couple of images, here [radioactivechicken.org] .

FYI (1)

HoneyBunchesOfGoats (619017) | more than 10 years ago | (#7722923)

WOPR is the supercomputer from the movie War Games [imdb.com] , and it stands for War Operations Plan Respopnse.

Would you like to play a game? (-1, Offtopic)

aardwolf204 (630780) | more than 10 years ago | (#7722926)


Would you like to play a game?

Secret password (1)

momerath2003 (606823) | more than 10 years ago | (#7723012)

ProtoVision Game Server

Enter the super-secret backdor password.
>yourmom
Incorrect password. Try again.
>wargames
Incorrect password. Try again.
>Z1ON0101
Third incorrect attempt. Password hint: it's my son's name.
@End Carrier@

ProtoVision Game Server

Enter the super-secret backdor password.
>Joshua
Thanks, but I'll go open source.

My NOC is my PowerBook. (3, Insightful)

Mordant (138460) | more than 10 years ago | (#7722940)

With very few exceptions (military, financial, public utilities sectors), it's pretty passe to have a 24/7/365 manned NOC, anymore, given VPN technology, the quality of remote-administration tools, etc.

It just isn't necessary, anymore.

Re:My NOC is my PowerBook. (3, Insightful)

KrispyKringle (672903) | more than 10 years ago | (#7722970)

Many large networks with critical infrastructure like to have something that's manned most of the time, though 24/7/265 gets pricey. The reason's pretty obvious. If at 3 AM your network goes down, you don't really want all your customers to be up the creek 'till 9 on Monday.

If you're talking about corporate networks, you're probably right. But if you're talking about hosting companies, ISPs, companies that host their own critical infrastructure (like those you listed above), then the NOC, in some form or another, makes sense, doesn't it?

NOC's Have a Purpose (3, Informative)

Nazmun (590998) | more than 10 years ago | (#7723045)

Although, some companies may have NOC's for no good reason... NOC's do have their places. I am a webhost (a small one) and our servers are in datacenters with thousands (in many cases tens of thousands) of other such machines. There are always at least one or two techs around in the wee hours of the night and a NOC is most certainly necessary to monitor all these machines and the network.

There is NO way a laptop can replace a NOC in such a case. You need a centralized area where everything is monitored. As for remote administration, it's always been pretty decent with Unix (and in our case it's linux mostly) but that just helps the NOC become more useful for us.

Please hook me up with your vendor! (4, Interesting)

Zero__Kelvin (151819) | more than 10 years ago | (#7722949)


The article calls for:

1) At least three big monitors (the bigger the better), two smaller ones (17"), a KVM switch, and OOB dialup.
2) A 333Mhz system with 64MB of RAM and a 2.1GB Hard-Drive.
3) A barebones 600 Mhz system
4) A 333Mhz Windows based system.
5) A 1.2Ghz, 512MB, 20GB computer, with dual head Matrox card, with dual booting OS (Linux & Windows), Preferably Linux with a Windows VMWARE guest OS

All the above for under $2000.00? Can we also assume that the author works for free, so that setup cost is $0.00? I haven't priced VMWARE in a long time, but if memory serves, that should be near or over the 2K mark by itself. Perhaps the author meant under $20,000.00? What am I missing here folks?

Re:Please hook me up with your vendor! (5, Informative)

richie2000 (159732) | more than 10 years ago | (#7723008)

I haven't priced VMWARE in a long time, but if memory serves, that should be near or over the 2K mark by itself.

You need to refresh your DRAM. VMWare Workstation 4 costs $299 from vmware.com. The rest of the stuff can be had for free, more or less. 17" monitors are $100 a pop new (CRT, that is), the 1.2GHz box can be built new for around $200 (1300 Duron, 256MB RAM, 40GB disk) and the rest of them are dumpster-diving fodder. The only things in his list that actually may cost Real Money (TM) are the big screens, but you can get old 24" Sun monitors on Ebay for a song and maybe a little dance and then you just need to get/make a VGA-Sun adapter to be in business.

Basement NOCs - They're the Future! (3, Funny)

Jason Scott (18815) | more than 10 years ago | (#7722950)

I used to host with a fine place, but disagreements over costs and bandwidth usage charges inspired me (along with the purchase of my home) to host in my own basement. I have 3-4 customers, and we'll keep it at that. Bandwidth is a T-1. And I think the place looks pretty sharp. [cow.net] This is also where textfiles.com [textfiles.com] and bbsdocumentary.com [bbsdocumentary.com] are hosted, so it works for me.

Basement [Museums] - They're the Future! (2, Funny)

Anonymous Coward | more than 10 years ago | (#7722973)

I see two Lisas. So that would be Basement NOC/Museum. Just charge admission.

Re:Basement [Museums] - They're the Future! (0)

Anonymous Coward | more than 10 years ago | (#7722988)

love your website...brings a tear to my eye when i read all the text files that were once part of my BBS days ;-)

Re:Basement NOCs - They're the Future! (0, Flamebait)

Anonymous Coward | more than 10 years ago | (#7722995)

What a pile of old junk!

People like you are the reason I can sell old worthless crap on ebay for a lot of money. You have your own personal landfill. Please continue buying the stuff I find on the side of the road.

WTF? (1, Interesting)

bazik (672335) | more than 10 years ago | (#7722958)

The best Linux Dual-Head OS is SuSE 8.3.

WTF has Dual-Head support to do with the distribution?

For those with a higher budget (1)

Maskirovka (255712) | more than 10 years ago | (#7722961)

This [panoramtech.com] company has some products [panoramtech.com] that will REALLY [panoramtech.com] impress the suites. Round the setup out with a few 1337 dvorak gesture keyboards [fingerworks.com] , comfortable chairs [hermanmiller.com] , and a network camera [securityideas.com] outside the door. Did I miss anything?

For those with a higher budget-Lights! Camera! NOC (0)

Anonymous Coward | more than 10 years ago | (#7722999)

For those who like the "show" in show-and-tell. Find someone who does set design for movies and TV. Come up with something out of Minority Report. Your NOC can look futuristic while the grunt work is in a closet somewere.

You forgot the critical part... (1)

kjba (679108) | more than 10 years ago | (#7722968)

Where is the self-destruct button?

Glaring omission! (3, Funny)

Ridge (37884) | more than 10 years ago | (#7722976)

How can they not mention a giant display-oriented map of your region/country/world on the wall!? Minimally this display should:
  • Be in color.
  • Be at least 12'x6'.
  • Numerous people wearing headsets must be employed to stare at it with a sick fascination for the entire day.
  • It should be able to animate interesting events, e.g. incoming ICBMs, lightning strikes, or Godzilla attacks with appropriate context-sensitive graphics.
  • Bonus points if you can surf porn or play tic-tac-toe on it.

For those of you wondering about "F.I.R.E" (4, Informative)

Tyndareos (206375) | more than 10 years ago | (#7722983)

This is the website: http://fire.dmzs.com/

The Christmas tree (4, Interesting)

BrookHarty (9119) | more than 10 years ago | (#7722987)

How many other people out there, went over the correct shade of yellow for the alarm lights with a vendor? Funny stories about NOC design. This thread could have some very interesting stuff, if people would let some company secrets slip. ;)

But onto my point.

Biggest thing about a noc, is you need to see the alarm, other than taking action, missing an alarm is the worst design flaw. Filter, Page, auto-ticket, there are many things a professional NOC can lend some experience on design. Not everything has to cost, in fact many opensource software works great. (Big Brother anyone?)

BTW, windows and vmware? Pfft.. Worst thing you want is a crash in the middle of working, Solaris and xterms. Eye-candy is the worst thing to get in the way of working outages.

Humm, also a good ticketing system is important, if you want to page out someone, you need to have enough detail for the person to do their job.

Oh yea, give me an Aeron [google.com] Chair also. I know, its .com ish, but they do feel great.

Akamai NOC Tour (3, Interesting)

mcbridematt (544099) | more than 10 years ago | (#7722989)

You might want to have a look at Akamai's NOC at http://www.akamai.com//en/html/about/nocc_tour.htm l

Pictures of Akamai's NOC also were in the Wired article about the Slammer Virus a few months ago.

Wonder what it said as it died (1)

Alcimedes (398213) | more than 10 years ago | (#7723001)

I wonder what showed up on the screens as it was blown off the map.

Fat lot of good a NOC does you if you're dead.

You really don't want to work there... (3, Interesting)

yalla (102708) | more than 10 years ago | (#7723004)

I used to work in a NOC of a major cellphone carrier. Working in shifts, staring at your HP Openview, no coffee/food at your desk, boring calls from the staff "Oh, the connection to server ABC isn't working. Do something!" - and when really something goes wrong you feel you want to be an octopus - you need 8 arms for 8 phones.

Essentially the job is: Stare at network map, wait for thingys to blink, make calls.

Yalla.

Dual-headed video (5, Interesting)

John Courtland (585609) | more than 10 years ago | (#7723042)

...is indeed the greatest thing since sliced bread. I've had it for about 2.5 years now, and one day when my primary monitor went out, I almost couldn't function. Being able to have Visual studio open in one screen and All sorts of Docs and a web browser in the other, I don't know how I did it before...

In the same vein, nVidia included a really nice feature in their latest drivers (I think it's been around since the 4x.xx series, but it wasn't as refined) that lets you "throw" a window. Pure genius, whoever invented that. With 2048 pixels of desktop space, it actually takes over an entire mousepad to move a window across the desktop. With throwing, I just flick my mouse. If I have a few IM windows open, a few Putty terminals, etc etc, it's great to just get stuff out of the way real fast and put it all into a known area.
Load More Comments
Slashdot Login

Need an Account?

Forgot your password?

Submission Text Formatting Tips

We support a small subset of HTML, namely these tags:

  • b
  • i
  • p
  • br
  • a
  • ol
  • ul
  • li
  • dl
  • dt
  • dd
  • em
  • strong
  • tt
  • blockquote
  • div
  • quote
  • ecode

"ecode" can be used for code snippets, for example:

<ecode>    while(1) { do_something(); } </ecode>