Probe Server Changes [IL]

2019/04/17 by Leave a comment

The following probe server will be changing IP addresses on 2019-04-24:

Chicago, Illinois (IL) – USA

(162.212.158.87 / 2607:9000:0:35::1f54:9bad)
to
(96.9.222.119 / 2602:ffc8:3d02::190:4ae6)

 

Please adjust your firewalls appropriately if you whitelist so your checks do not fail because of the probe IP address changes.

An always current and updated list of all the IP addresses for our probe servers can be found in the FAQ, a text file, and via DNS query, probes.nodeping.com.

 

[UPDATE – 2019-04-24 13:26GMT-6] – IP change complete.

Filed under Announcement, IP Change Tagged with ,

Auditing IP Resolution with DNS Checks

2019/02/19 by Leave a comment

How would you know if your DNS account had been compromised?  If tampered with, an attacker could point your web and email traffic to their own controlled servers, enabling them to intercept potentially confidential information from you or your customers without your knowledge.

Emergency Directive 19-01

Recently, the US Department of Homeland Security issued its first ever Emergency Directive with a list of actions to mitigate DNS account tampering, an issue they report is on the raise.

The first recommended actions in their directive is to verify DNS resolution.

Action One: Audit DNS Records … audit public DNS records on all authoritative and secondary DNS servers to verify they resolve to the intended location.

In this post, I’ll show you how to continually monitor your DNS resolution using NodePing DNS checks to ensure your important domain names are resolving to the expected IP addresses. If anyone tamplers with your DNS records, you’ll quickly receive actionable notifications from NodePing.

Some of the record types you may want to verify with DNS checks are:

  • SOA – Start of Authority record
  • NS – Nameservers and the IPs they resolve to
  • Website FQDN
  • Website FQDN with www prefix (example: http://www.nodeping.com)
  • Email MX records and the IPs they resolve to
  • IMAP, POP, and SMTP FQDNs
  • FTP service FQDNs
  • All the above services for both IPv4 and IPv6 addresses

Setting up DNS monitoring

To create a new DNS check, click on the “Add new check” button in your NodePing account dashboard.

  1. Select DNS from the Check type drop down.
  2. Give it a friendly label to identify this check in lists and notifications.  Something like “Website resolver”
  3. Set how often you want the check to run on the Check Frequency field.  We recommend 1 minute intervals.
  4. Leave the DNS server field blank.  This will ensure that our probes will use whatever nameservers are listed on the domain.  If a hijacker accesses your DNS account , they’ll likely change the IPs of the nameservers so testing your own nameservers won’t be helpful for this type of monitoring.
  5. Enter the type of query you want to perform, and address you want the check to look up. Usually this should be a fully qualified domain name. It should not include “http://” or “https://”. Example : ‘nodeping.com’ or ’email.nodeping.com’ or ‘www.nodeping.com’
  6. Enter the information the check should look for in the DNS resolution response to verify the query has not been tampered with. What you put in this field will depend on the query type. For example, for A records, this will be your IPv4 address. For other types, such as MX or NS records, this is likely to be a fully qualified domain name. For AAAA records, the full notation is required. Example: IPv6 address 2606:c700:4020:11::53:4a3b requires the ‘missing’ zero sections – 2606:c700:4020:11:0:0:53:4a3b – there should be 8 sections total.
  7. Set a time out. The default 5 seconds works fine for most situations.
  8. Set the Sensitivity. High is usually appropriate.
  9. Set the notifications for this check. More information about notifications.

If your services are offered on both IPv4 and IPv6, you’ll need to create a separate check for each with the appropriate query type set to ‘A’ for IPv4 and ‘AAAA’ for IPv6.

Setting up one DNS check for every critical server and service will give you the peace of mind that your DNS hasn’t been tampered with and your customers are interacting with you, not some DNS hijacker.

Got questions or need help setting up DNS resolution audit checks?  Contact us; we’re happy to help.

If you don’t yet have a NodePing account, please sign up for our free, 15-day trial and sleep well knowing we’re keeping an eye on your DNS resolution.

Filed under DNS, Monitoring, Using NodePing Tagged with ,

NodePing badges from Shields.io

2019/02/08 by Leave a comment

Shields.io recently released an update that adds NodePing badges to their service. We’re grateful and honored to be included and wanted to drop a few instructions on how you can configure your customized badges for your NodePing checks from shields.io.

Example badges:

NodePing status badge

Status badge (up/down)

NodePing uptime badge

Uptime badge

 

For the badge to work, you need to make sure your NodePing check has public reporting enabled. Once enabled, you’ll need the UUID (unique ID) of the check.  To find the UUID, open one of NodePing’s reports.  The UUID is shown in the URL.

Example public results report URL:
https://nodeping.com/reports/results/rrwb28un-c0kl-4d7h-8n2u-xcosuprs2439/100

The “rrwb28un-c0kl-4d7h-8n2u-xcosuprs2439” part is the unique random id part.  Yours will be the same length, but different from mine.

Now that you’ve got your check UUID, head over to the shields.io site and click on your choice of badge type:  “NodePing status (customized)” or “NodePing uptime” to open the shields.io badge customizer modal.

You can set all kinds of customizations like:

  • up message e.g. Online
  • up color e.g. green
  • down message e.g. Offline
  • down color e.g. lightgrey 
  • style (lots to choose from)
  • label shown
  • background color for the label

Click on the ‘Copy badge URL’ button to get the URL into your clipboard. You can also get the code for Markdown or HTML – easy peasy. Paste it into your website or .md file and feast your eyes on your freshly minted badge.

Cool new visibility for your uptime with shields.io and NodePing. If you don’t have a NodePing account yet, sign up for our 15-day, free trial today over at https://nodeping.com and let us handle your monitoring and notifications.

Filed under Monitoring, reports, uptime Tagged with , , ,

Probe Server Changes [UK]

2019/01/09 by Leave a comment

The following probe server will be changing IP addresses on 2019/01/16:

Leeds, England (UK) – GB
(109.75.172.133 / 2a00:f9c0:0:405::12)

to

Rugby, England (UK) – GB
(78.157.200.148 / 2a01:a500:375:1::25:4617)

 

Please adjust your firewalls appropriately if you whitelist so your checks do not fail because of the probe IP address changes.

An always current and updated list of all the IP addresses for our probe servers can be found in the FAQ, a text file, and via DNS query, probes.nodeping.com.

 

[UPDATE – 2019-01-16 13:10GMT-6] – IP change complete.

Filed under Announcement, IP Change Tagged with ,

Probe Server Changes [TX, AR] and Removal [SE]

2018/12/05 by Leave a comment

The following probe server will be removed on 2018/12/12:

Goeteborg, Sweden (SE) – SE
(185.86.148.18 / 2a02:7aa0:1619::4b6a:706a)

The following probe servers will be changing IP addresses on 2018/12/12:

Dallas, Texas (TX) – USA

(45.58.61.34 / 2604:6600:2000:c::2)
to
(198.96.95.50 / 2607:fcd0:da80:4300::10)

Federal, Argentina (AR) – AR

(190.12.101.90)
to
(190.210.176.48)

 

Please adjust your firewalls appropriately if you whitelist so your checks do not fail because of the probe IP address changes.

An always current and updated list of all the IP addresses for our probe servers can be found in the FAQ, a text file, and via DNS query, probes.nodeping.com.

 

[UPDATE – 2018-12-12 15:08GMT-6] – IP changes and probe removal complete.

Filed under Announcement, IP Change Tagged with , , ,

Probe Server Changes [IL]

2018/11/07 by Leave a comment

The following probe server will be changing IP addresses on 2018/11/14:

Chicago, Illinois (IL) – USA

(104.128.57.130 / 2607:f128:4a:16::10)
to
(162.212.158.87 / 2607:9000:0:35::1f54:9bad)

 

Please adjust your firewalls appropriately if you whitelist so your checks do not fail because of the probe IP address changes.

An always current and updated list of all the IP addresses for our probe servers can be found in the FAQ, a text file, and via DNS query, probes.nodeping.com.

 

[UPDATE – 2018-11-14 12:35GMT-6] – IP change complete.

Filed under Announcement, IP Change Tagged with ,

WHMCS Module Update

2018/10/18 by Leave a comment

Fresh update for our WHMCS module.  Changes include:

Use our WHMCS module to add NodePing uptime monitoring to your hosting/server offerings.

Get the new module file here.

Filed under Announcement, WHMCS Tagged with ,

Probe Server Changes [LD, OR], Removal [AZ, KS, NC, OT] and Region Change [FL]

2018/08/29 by Leave a comment

The following probe servers will be changing IP addresses on 2018/09/05:

London, England (LD) – GB
(5.2.16.148 / 2a00:e740:1:27::65c3)
to
(5.226.139.158 / 2a01:4020:1:26::10)

Portland, Oregon (OR) – USA
(100.42.30.2 / 2604:B480:FFF6::10)
to
(162.210.173.188 / 2604:b480:ffff:ffff:fa06::10)

 

The following probe servers will be removed on 2018/09/05:

Phoenix, Arizona (AZ) – USA
(107.152.108.14 / 2607:f7a0:1:2:225:90ff:fee2:42da)

Kansas City, Kansas (KS) – USA
(172.86.180.18 / 2604:5800:0:42::2)

Charlotte, North Carolina (NC) – USA
(192.154.255.88 /2604:9980:0:12c:ec4:7aff:fecb:776c)

Ottawa, Ontario (OT) – CA
(199.167.130.19 / 2605:2100:0:1::7b03:9072)

 

The following probe server will be included in the North American Region on 2018/09/05:

Miami, Florida USA (FL) – US
(162.254.202.35 / 2604:bc80:8001:3c:225:90ff:fee5:5c6)

 

Please adjust your firewalls appropriately if you whitelist so your checks do not fail because of the probe IP address changes.

An always current and updated list of all the IP addresses for our probe servers can be found in the FAQ, a text file, and via DNS query, probes.nodeping.com.

 

[UPDATE – 2018-09-05 14:24GMT-6] – IP changes and probe addition complete.

Filed under Announcement, IP Change Tagged with , , , , , , ,

PUSH Checks – Heartbeats and Metrics Monitoring

2018/08/27 by Leave a comment

One of the most requested features we get is the ability to push monitoring results into NodePing. Today, we make good on all those requests and are happy to announce our latest check type, PUSH.

Unlike our other checks, PUSH checks allow your server to push metrics into our system, track the metrics, and receive alerts based on the results. This significantly adds to your ability to monitor services that are not Internet accessible, and monitor additional custom metrics. Our customers running LANs can now get heartbeats and metrics on internal servers like Windows AD controllers. Or, you can monitor metrics that are only relevant to your systems in ways that are specific to your environment. We’ll track and alert on any metric you want to push at us!

Heartbeats and Metrics

PUSH checks are configured to send results on a specific interval and you can configure the check to fail if we haven’t received a pushed result from you. This is the heartbeat functionality.

You can also push us a data payload of metrics with the PUSH check result and configure your check to track those metrics. The check will fail if any configured metric is missing or if the values in the result are outside your configured min/max range.

Metrics are great for keeping an eye on system load, disk free space, or any other service or system metric you can gather on a server and send to us.

PUSH checks are flexible and can be configured to be heartbeat-only, metrics-only, or both.

PUSH Clients

To send us your result (heartbeat or metrics), you’ll need to submit an HTTP POST to NodePing with information about the check and optionally the metrics. Details can be found in our in our PUSH check documentation.

We’ve got fully-functional, open-source clients in Python2, PowerShell, and POSIX script available on our GitHub public repo that have been tested with the following OSes:

  • CentOS 5 (Python2 and POSIX)
  • CentOS 6 (Python2 and POSIX)
  • CentOS 7 (Python2 and POSIX)
  • Debian 9 (Python2 and POSIX)
  • Devuan 2 (Python2 and POSIX)
  • Fedora 28 (Python2 and POSIX)
  • FreeBSD (Python2 and POSIX)
  • OpenBSD 6.3 (Python2 and POSIX)
  • OpenSUSE LEAP 15 (Python2 and POSIX)
  • Raspbian STRETCH (Python2 and POSIX)
  • Ubuntu 14.04 (Python2 and POSIX)
  • Ubuntu 16.04 (Python2 and POSIX)
  • Ubuntu 18.04 (Python2 and POSIX)
  • Windows server 2012 (Python2 and powershell)
  • Windows server 2016 (Python2 and powershell)

Download a client and follow the instructions in the client README.md file to set up your PUSH client.

An example of the default metrics sent from our POSIX client:

OS load: 1 minute, 5 minute, and 15 minute load stats
Memory free in MB
Disk space free in percentage by mount point.

There are also optional modules for Redis, Cassandra, ZFS, iptables, and more.

All our clients are built so you can add your own modules to push additional metrics – the ones you care about. The requirements for pushing metrics into our system are fairly simple, so you can write your own scripts in your preferred language. It just needs to output JSON data with numeric values. You can find the information you need to create your own client modules in our PUSH check documentation and take a look at existing modules for examples.

We encourage pull requests for new modules so if you build something you think others would find useful, please do share.

We’re working on new reports and dashboards to visualize metrics, making the new PUSH check even more useful, so keep an eye out here on the blog for those announcements.

If you aren’t using NodePing yet, you can sign up for a free, 15-day trial and test out our new PUSH checks yourself. We think you’ll love the new functionality along with our rock-solid monitoring and fast/accurate notifications.

Filed under Announcement, NodePing Updates, PUSH Tagged with , ,

Probe Server Addition [AM]

2018/07/31 by Leave a comment

The following probe server will be added on 2018/08/07:

Melbourne, Australia (AM) – AU
(144.48.37.241 / 2404:f780:2:950:216:3cff:feb8:ab8e)

Please adjust your firewalls appropriately if you whitelist so your checks do not fail because of the probe IP address changes.

An always current and updated list of all the IP addresses for our probe servers can be found in the FAQ, a text file, and via DNS query, probes.nodeping.com.

 

[UPDATE – 2018-08-07 16:15GMT-6] – the addition of the new probe is now complete.

Filed under Announcement, IP Change Tagged with ,

Older posts

Newer posts