RBL Monitoring

What better way to top off our email monitoring enhancements than with a new check type! We’re happy to introduce our RBL check.

RBL, or DNSBL, stands for “Real-time Black List,” and is used to publish the addresses of computers or networks linked to spamming, malware, or other abuses which system administrators may want to block from accessing their networks.

There are hundreds of RBLs in existence, which use a wide array of criteria for listing and delisting of addresses. These may include listing the addresses of zombie computers or other machines being used to send spam, listing the addresses of ISPs who willingly host spammers, or listing addresses which have sent spam to a honeypot system.

If the IP addresses of your servers appear on these RBLs, there’s a good chance you’ll have difficulty interacting with networks that subscribe to these RBLs. For instance, if your SMTP server is listed, you’ll likely be unable to send email to the systems that use the RBL you are listed on.

You can use our new RBL check to ensure that your servers aren’t listed and to receive notifications if they do get listed, allowing you to quickly take steps to remove your addresses from those RBLs. You can find more details about which RBLs we check and how to set them up in our RBL Check documentation.

Adding RBL checking to our already robust email monitoring checks for SMTP, POP3, and IMAP4 will help you sleep at night knowing that email is flowing as it should be.

RBL monitoring checks are available to all NodePing accounts. If you don’t have an account yet, you can sign up for your free 15-day trial of our server monitoring service.

POP Monitoring Enhancements

As part of strengthening our email server monitoring solutions, we’ve added a bunch of new features to the POP3 check type. They nicely complement our recent changes to our SMTP and IMAP checks.

New features include:

  • Non-standard ports. Specify any port, not just POP default port 110
  • SSL/TLS support on any port – not just 995.
  • SSL certificate validation
  • SSL certificate expiration warnings – configurable to X days before expiration
  • User login verification.

More details about the new POP server monitoring enhancements can be found in our documentation.

These features are available to all NodePing server monitoring accounts today. If you don’t have an account yet, you can sign up for a free 15-day trial at https://nodeping.com.

Now, if you just had a way to monitor spam blacklists for your server ip addresses… RBL Check is on its way!

IMAP Monitoring Enhancements

On the heels of our SMTP enhancement release, we’re happy to add some significant features to our IMAP server monitoring check. IMAP refers to one of the two most popular methods of email retrieval, the other being POP. IMAP4 services are supported by nearly all email clients and its use continues to grow.

We’ve added the following enhancements:

  • Non-standard ports. Specify any port, not just IMAP default port 143
  • SSL/TLS support.
  • SSL certificate validation
  • SSL certificate expiration warnings – configurable to X days before expiration
  • User login verification.

It’s easier than ever to ensure your IMAP services are available and configured correctly. Find more information about the new enhancements in our documentation.

The new IMAP enhancements are available to all NodePing accounts today. If you don’t have a NodePing server monitoring account yet you can sign up for a free 15-day trial.

Next check on the block for more enhancements – you guessed it – POP3. I hear there’s a RBL check in the works too! Keep an eye out here on the blog for the announcements.

SMTP Check Enhancements

We’ve rolled out some important enhancements to our SMTP check that will help ensure your email server is running as it should be.

Added enhancements include:

  • Non-standard ports
  • SSL/TLS support including certificate verification and expiration warning
  • STARTTLS support
  • AUTH with support for PLAIN, LOGIN, and CRAM-MD5
  • Mail acceptance verification including open relay notification

The SMTP check will now not only verify that your email server is running but can also optionally check to see if your server is an open relay or properly accepting mail for a particular email address.

The new open relay functionality will test to see if your mail server will accept mail for an address that should not be allowed. If your server is an open relay, we will send you a notification.

It’s also important to verify that your email server is not rejecting mail that it should be accepting. There are many reasons an SMTP server may reject email. The configuration may have changed or a particular mailbox may be over its quota. This enhancement verifies that your server will accept messages to an email address of your choice and send you a notification if it is rejected.

We’ve added extensive SSL/TLS support including STARTTLS as well as certificate verification and certificate expiration warnings. Simply set how many days in advance of the expiration you would like to be notified and we’ll send you an alert, giving you time to renew and install your new certificates.

The new optional AUTH support allows you to verify that users can log in and send mail using industry standard PLAIN, LOGIN, and CRAM-MD5 AUTH mechanisms.

You can find more information about our new SMTP check enhancements in our documentation.

These enhancements are available now to all NodePing customers. If you don’t currently have an account, please sign up for our free 15 day trial.

SSL Check Now Supports SNI and UCC Certificates

We’re happy to announce a couple of enhancements to our SSL certificate check. We now support SNI and UCC certificates

SNI (Server Name Indication) passes the hostname to the server when we request the certificate. That allows you to serve multiple SSL certificates on a single IP address.

UCC (Unified Communications Certificates) allow you use one certificate for multiple hostnames. Unlike wildcard certificates, which NodePing has supported from the beginning, UCC certificates can cover multiple hostnames on multiple domains.

As IPV4 addresses keep getting scarcer, the ability to monitor your SNI and UCC certificates for validity and expiration dates will become increasingly more important. NodePing is glad to be able to offer reliable monitoring for these SSL types.

If you’re not already a NodePing customer, please sign up for our free trial and see how SNI and UCC certificate monitoring can be easy and economical.

New Performance Summary Report and Updated Public Reports

Web site developers spend a significant amount of time and effort optimizing the site so that it loads quickly and performs well for their visitors. All of that effort is wasted if the web server performs poorly. One of the key uses for website monitoring is keeping an eye on web server performance to make sure that piece of the visitor’s experience is working optimally.

NodePing Monitoring Results Summary ReportWe have implemented a new report to help with this task. The Performance Summary report shows the minimum, maximum, and average response time for a site over an hour. By default, the report shows the last 31 days of performance data. As with the results report, you can change the number of results shown by editing the number on the report’s URL.

Of course, this isn’t limited to just web site performance. This report is available for all monitoring on NodePing, so you can see the same thing for ping results, ssh checks, email checks, and the whole range of other service monitoring we provide. In particular, this type of information is useful in ping tests to routers to watch connectivity performance over time.

We have also adjusted the way our “Public” reports feature works. The summary and results reports are now available if you are logged in to your NodePing account, even if the “Public” access is turned off. The “Public” toggle still controls whether the report is visible to visitors who are not logged in. We also changed the URL’s to better reflect that it is the same report with a different format. The results reports are now all at /reports/results/ (although the old URL’s will continue to work). You can retrieve the data in JSON or CSV format by adding ?format=csv or ?format=json to the URL. For CSV output, you can add a file name to the URL as well for convenience (so the URL would end in /filename.csv?format=csv). Documentation can be found in our reports documentation.

We are continuing to work on improving and expanding our reports. Please let us know what you think, and what you want to be able to see from the monitoring reports. Our continuing goal is to make NodePing not only the most cost effective, but also the most useful monitoring service anywhere.

Twitter Notifications

NodePing is happy to announce our newest notification method – twitter direct messages.  The ability to receive a twitter direct message is a great addition to our current notification system that already includes unlimited email, international SMS, and voice calls.

Twitter notifications are in testing at this point.  They are available on all accounts so please do kick the tires and let us know how things work for you at support@nodeping.com.

You’ll need to follow @NodePing in order to get direct message alerts.  Then add your twitter handle in your contact record and in your check’s notification section and we’ll send you a private and discrete ‘direct message’ (not an embarrassing public tweet) when that check goes down and again when it comes back up.

Let us know in the comments how this new notification type is working for you and what you’d like to see added next – instant message (IM), HTTP POST to url, carrier pigeon, etc?

Monitor Streaming Audio

We’re happy to introduce our new audio check type.  Now NodePing can monitor HTTP streaming audio servers and notify you via email, SMS, and even voice alerts when your audio streams go offline.

The new audio check is available now and can be used to watch HTTP streaming audio services like ICEcast and SHOUTcast servers.  Set the target of the check to the URL specified inside your pls file.  If your pls file looks like:

NumberOfEntries=1
File1=http://example.com:8002/

Set the check target to “http://example.com:8002/“.  The check briefly connects to the stream and reads the headers returned to determine if the audio steam is up or down.

Many thanks to all who gave their “+1” to this new check type.  Your feedback and suggestions help us prioritize which enhancements and new check types our development team works on. If you’ve got a need for a specific check or an enhancement to an existing check, please let us know in the comments below or email us at support@nodeping.com.

SSH Check with Content String Matching

NodePing is happy to announce the new SSH check. In its simplest use, the new SSH monitoring provides a real SSH connection for monitoring those critical SSH services, but our check can do much more than that.

Not only can we monitor the availability of your SSH services on any port, but we can also optionally have the check log in and verify the presence, or absence, of a particular string in the login response. Pairing the SSH check with a login script makes it much more powerful and flexible. With it, you can monitor much more than SSH.

In the example below, we’re going to set a login script that checks server load, available memory, and disk usage. We’ll use its simple ‘PASS‘ or ‘FAIL‘ output to trigger email and SMS alerts from NodePing when the 1 minute load average goes over 4.0, when available memory drops below 50MB, or when the disk becomes more than 90% full.

The script is a simple BASH script that relies on commonly installed programs like ‘top’, ‘free’, and ‘df’ to determine the ‘PASS’/’FAIL’ status for each of the things we’re monitoring. It’s not the prettiest thing, but it seems to work well on an Ubuntu server.

#!/bin/bash
# Load average limit
# A quad-core server may be maxing out CPUs at 4.0
LOADLIMIT=4;
# Free memory floor in MB.
FREEMEMLIMIT=50;
# Disk usage in percentage, but without the percent sign. 
DISKUTILIZATION=90;
# Path to the disk partition you want to monitor.
DISKPATH='/dev/sda7';

LOAD=`top -n1 | grep 'load average' | awk -F" " '{print $12}'`;
LOAD=${LOAD:0:4}
LOAD=`echo "$LOAD > $LOADLIMIT" | bc`
if [ $LOAD -eq 1 ]; then
echo "LOAD:FAIL";
else
echo "LOAD:PASS";
fi

MEMUSAGE=`free -m | grep '^Mem' | awk -F" " '{print $4}'`;
MEMUSAGE=`echo "$MEMUSAGE < $FREEMEMLIMIT" | bc`;
if [ $MEMUSAGE -eq 1 ]; then
echo "MEM:FAIL";
else
echo "MEM:PASS";
fi
DISKSPACE=`df | grep "$DISKPATH" | awk -F" " '{print $5}'`;
LEN=`expr "$DISKSPACE" : '.*'`;
LEN=`echo "$LEN-1" | bc`;
DISKSPACE=${DISKSPACE:0:$LEN}
DISKSPACE=`echo "$DISKSPACE > $DISKUTILIZATION " | bc`;
if [ $DISKSPACE -eq 1 ]; then
echo "DISK:FAIL";
else
echo "DISK:PASS";
fi
# logout right away
# This SSH user is restricted for security purposes
exit;

We saved this script as ‘mylogin.bash‘ in our user’s home folder and then edited the /etc/passwd file, replacing the shell ‘/bin/bash‘ with ‘/home/testuser/mylogin.bash‘.  Don’t forget to make the script file executable with something like

chmod 0755 /home/testuser/mylogin.bash 

Now when our test user logs in, we see something like:

Last login: Thu Apr 12 22:41:33 2012 from 127.0.0.1
LOAD:PASS
MEM:PASS
DISK:PASS
Connection to 127.0.0.1 closed.

It’s the response text above that will be checked against our user defined content string. In our SSH check configuration, we’ll set the ‘Content string‘ dropdown to ‘Does not contain‘ and type ‘FAIL‘ in the text field.  Now when NodePing’s probe servers login via SSH and find the word ‘FAIL‘ in the response, I’ll get a notification!

But the notification just says that the SSH check failed. We won’t know what failed.  It could be the load, memory, or disk.  Instead of logging in to see, I’ll be lazy and create three separate SSH checks, all with the same host and login information, but have one check for the string ‘LOAD:FAIL‘, another check for ‘MEM:FAIL‘, and the other ‘DISK:FAIL‘.  I’ll label the one that checks the load average a nice informative name like “Load Average on test server” and the other checks something similar. Now my SMS notification say something like “SSH Check failed for: Load Average on test server“, letting me know exactly what’s failing.

NodePing provides 1000 checks run at up to 1 minute intervals for only $10/month so you’re running out of reasons not to monitor everything. If you don’t have a NodePing account yet, sign up for our free 15-day trial and kick the tires.  We think you’ll like it.

The above example is fairly simple.  You can write your own login scripts in Node.js, Python, etc to check statuses for databases, VPN connections, virus definition updates,… dang near anything!  You can find information on how to configure your SSH checks in our documentation.

How will you use the new SSH check with content string matching?  Let us know in the comments below.

Port Connect Check Now Available

There are thousands of network protocols NodePing doesn’t have checks for (yet) :-) But that shouldn’t stop you from being able to monitor the availability of your services.  Using our new Port Connect check, you can test the responsiveness of nearly any TCP protocol on any port.

This is great news for those running lesser-known services, or services on non-standard ports, who are having a hard time finding a monitoring service to help them track availability. Our Port Connect check will attempt to create a standard TCP socket connection to your host on the specified port and report back if your server accepted the connection.

The Port Connect check can also help ensure that a particular port is not accepting traffic as well. This is useful for making sure your firewall is blocking a specific port for services that need a little extra vigilance. The check will send a notification if it is ever able to successfully connect.

You can learn more about the Port Connect check and how to configure it in our documentation.  If you don’t yet have a NodePing account, you can sign up for a 15-day free trial and give our new Port Connect check a try.  We think you’ll like it.