the gurubox project: open source troubleshooting tools

© 2009 IBM Corporation

IBM Collaboration Solutions

The Gurubox Project:

Open Source Troubleshooting Tools

Wes [email protected]

mailto:[email protected]


October 24, 2014

Me and Open Source

● First real job – Unix systems administrator● When Usenet was github and comp.sources.* ruled● First “home computer” - AT&T 3B2/310 with 3B2/XM and 5620 – 4MB RAM, 0.6 MIPS● Contributed portability code to gnuplot, perl, bignum, nethack et al.● If you ever see “3B2” or “3B20” in PORTING or README, it was probably me


October 24, 2014

Open Source for End Users at IBM

Green to Open Software Project (G2O)850+ packages approved for some degree of internal useHundreds of thousands of OpenOffice installations

Open Client for LinuxIBM's customized Linux desktop, built on RHEL and UbuntuTens of thousands of clients deployed within IBM

Supporting Open Source on IBM PlatformsIBM SDK for node.jsIBM Bluemix – http://www.bluemix.net


October 24, 2014

Why are we here? The Gurubox Project

Originated in corporate security concerns

Troubleshooting with hundreds of customers over 20 years

Need for a “sterile” system for troubleshooting and data collection

Concerns in exposing our own information on customer networks

SOLUTION: Open source!

Known tools

Many already in use among customers

Easily audited

Empty of any/all company confidential information

Easily wiped/sanitized

Can be adopted by customers


October 24, 2014

Caveats – The IS/ISN'T Approach

Gurubox IS intended for general troubleshooting

Gurubox IS NOT intended for “deep dive” subject matter experts

Gurubox IS intended for “get in, find the red flag, get out” troubleshooting

Gurubox IS NOT intended for long-term monitoring/analysis

Gurubox IS predicated on ease of use

Gurubox IS NOT necessarily “best of breed” in each area

YOUR MILEAGE MAY VARY!


October 24, 2014

Gurubox Platform

ThinkPad W500

Intel Core 2 Duo T9400 @ 2.53 GHz

8 GB RAM

160GB HDD

Ubuntu 14.04 LTS


October 24, 2014

Must-haves For the Enterprise-Level Troubleshooter

Network Analysis

Directory Search/Maintenance

Web Troubleshooting/Analysis

Virtual Machines

Troubleshooting Mobile/Cloud Services

Load Testers


October 24, 2014

Network Troubleshooting - nmap

Extremely robust network discovery tool (aka “network mapper”)

Can perform a wide range of scans against individual systems or entire networks

OS/service fingerprint detection

Zenmap GUI also available

http://nmap.org


October 24, 2014

Network Troubleshooting – mtr and lft

mtr – graphical traceroute, repeating, statistical analysis providedUseful for catching “breakdown” in network connectivityhttp://www.bitwizard.nl/mtr/

lft - “layer 4 traceroute”Many, MANY options – useful for discovering/traversing firewallshttp://pwhois.org/lft/


October 24, 2014

Network Analysis - Wireshark

“The World's Most Popular Network Protocol Analyzer” - supports 1500+ protocols and packet types

Reads/writes file formats of most commercial network analyzers

Extensive utilities for manipulating capture files

http://www.wireshark.org


October 24, 2014

Network Analysis - MRTG Multi-Router Traffic Grapher

Quick, easy monitoring of SNMP-enabled network interfaces (e.g. switches, routers)

Runs from cron or Task Manager

Automatically builds traffic graphs and web page for each interface

http://oss.oetiker.ch/mrtg


October 24, 2014

Directory Search/Maintenance – Apache Directory Studio

Directory tooling platform with browsing/editing capability

Works with almost every LDAP server

Extremely useful for validating search filters

http:/directory.apache.org/studio


October 24, 2014

Simple Web Troubleshooting – Live HTTP Headers

Firefox plugin

Simple capture/save-to-file of HTTP request/response headers

Perfect for quick “sanity checks”

http://livehttpheaders.mozdev.org


October 24, 2014

Simple Web Troubleshooting – Modify Headers

Firefox plugin

Quick on-the-fly modification of HTTP headers

Pairs well with Live HTTP Headers

http://www.garethhunt.com/modifyheaders or Firefox Add-On Library


October 24, 2014

Advanced Web Troubleshooting - Firebug

Firefox plugin

Explore HTTP headers, HTML, CSS, scripts, DOM, cookie, network performance

http://getfirebug.com


October 24, 2014

Virtual Machines - VirtualBox

Desktop virtualization

Almost all x86 operating systems supported

http://www.virtualbox.org


October 24, 2014

Troubleshooting Cloud/Mobile Services - GeoIP MaxMind – open source data and APIs

GeoIP databases available for download - https://www.maxmind.com/en/opensource

GeoIP supported by an increasing number of packagesINCLUDING WIRESHARK!


October 24, 2014

Troubleshooting Cloud/Mobile Services - Android-x86

Straightforward port of Android to x86 architecture

Easy deployment in VirtualBox VM

Allows data captures (e.g. network traffic) that is difficult on a mobile device

http://android-x86.org


October 24, 2014

Load Testing – Apache JMeter

Can create tests for HTTP/HTTPS, SOAP, FTP, LDAP, SMTP, POP3, and more

Record your own tests and scale with thread groups

http://jmeter.apache.org


October 24, 2014

One for our Windows Friends – Process Hacker

Adjunct to (or replacement for) Task Manager

Views for Processes, Services, Network and Disk

Live usage charts for CPU, Memory, and more

http://processhacker.sourceforge.net


October 24, 2014

Odds and Ends

Quick and easy data plots – gnuplot - http://www.gnuplot.info/

Screen capturesShutter (Linux) - http://shutter-project.org/Greenshot (Windows) - http://getgreenshot.org/

Generating PDFs – cups-pdf (Linux) and CutePDF (Windows)

Music composition/notation (just because!) - Musescore (Linux) - http://musescore.org/


October 24, 2014

Thanks for being here!

Feel free to contact me with any questions or suggestions

Did I miss something? Let me know! I'm always excited to learn about new tools...

Twitter: @wesmorgan1 Email: [email protected] Blog: Cognitive Buffet <http://wesmorgan.blogspot.com>

the gurubox project: open source troubleshooting tools

Software

live http headers http

available http

network performance

interface http

network traffic

capture files http

search filters http

jsibm bluemix http