How to Drop or Block Incoming Access From Specific IP Address Using Iptables

In this post, i will show you the simple way to block incoming ip address using iptables firewall on CentOS 5.5. This setting will be removed once you restarted the iptables or rebooted the server.

OPTIONS = long or short options are allowed.

    --append  -A Append to chain
    --delete  -D Delete matching rule from chain
    --delete  -D Delete rule rulenum (1 = first) from chain	
    --insert  -I Insert in chain as rulenum (default 1=first)
    --replace -R Replace rule rulenum (1 = first) in chain
    --list    -L List the rules in a chain or all chains
    
    --source      -s [!] address[/mask] source specification
    --destination -d [!] address[/mask] destination specification                         
    --jump        -j target
    
    INPUT = Incoming Access
    OUTPUT = Outgoing Access
    -I = Insert
    -D = Delete
    -s = Source Ip Address
    -j = Target Action
    DROP = Block action
    

Steps :
1. Login to your server via SSH as a root
2. To successfully block an IP address, just type this iptables syntax and it will take effect immediately.

syntax : iptables -I INPUT -s IP-ADDRESS -j DROP

    [root@server ~]# iptables -I INPUT -s 192.168.2.2 -j DROP
    

3. To removed blocked IP address, just type this iptables syntax as below:

syntax : iptables -D INPUT -s IP-ADDRESS -j DROP

    [root@server ~]# iptables -D INPUT -s 192.168.2.2 -j DROP
    

4. If you want to look at what’s iptables rules already loaded, type below syntax :

    [root@server ~]# iptables -L -n
    

How to Fix “Windows cannot load the device driver for this hardware. The driver may be corrupted or missing. (Code 39)”

Problem :
Unable to read CDs or DVDs and DVD/CD-ROM drive also did not show up on My Computer.

Troubleshooting:
-Right Click on Device Manager
-Select DVD/CD-ROM drives
-Select the missing DVD/CD-ROM and should has a yellow exclamation mark
-Return device status with below error:
“Windows cannot load the device driver for this hardware. The driver may be corrupted or missing. (Code 39)”

Solution:

1. Close all open programs
2. Go to Start menu search box then click run and enter. Type regedit to Open Windows Registry Editor.
3. Navigate on following key

HKEY_LOCAL_MACHINE/SYSTEM/CurrentControlSet/Control/Class
{4D36E965-E325-11CE-BFC1-08002BE10318}

4. Look for any of the following names in the right hand column.

UpperFilters
LowerFilters
UpperFilters.bak
LowerFilters.bak

5. If any of those keys shown above are listed, right-click the just delete.
6. After deleting the keys, close your Registry Editor and restart your computer.

Important Note : It is advisable to take a back up of the registry before do any manual changes to Windows registry. Read How to Backup Registry in Windows

How to Backup Registry in Windows

Modifying the windows registry manually is a task are best handled by end users that are really knowledgeable in computers area. But before do any manual changes to Windows registry, it is advisable to take a back up. It is always a good practice for us to backup before perform manual changes on registry. Although most of the users know how to backup Windows Registry, but still some Windows users not aware about this. Follow below steps to backup your windows registry:

1. Go to Start menu search box then click run and enter.
2. Type regedit to Open Windows Registry Editor.
3. Click Yes if you are prompted with UAC (User Account Control) message. This may apply on windows 7 and windows Vista only.
4. On the left panel, click on My Computer. Click file menu then click Export.
5. You also can directly right click on My Computer and then select Export.
6. Enter a name for your Registry backup and click Save button. Done.

Source : Back up the registry

How to Submit Website or Blog to Yahoo Site Explorer

In this post, i will share with you how to submit your website or blog to yahoo site explorer. This is to ensure that your website indexed in yahoo search engine. Hence it will increase your traffic or visitors.  The only things that you need is yahoo mail account. Just follow below steps :

1. Log in to Yahoo Site Explorer
2. Click at My Sites
My Sites
3. Enter your blog URL and Click Add My Site
Enter Blog
4. To authenticate your site ownership, you can either upload a verification file to your site (Option 1) or add a META tag to your home page (Option 2). Click ready to Authenticate.
To authenticate your site
5. Proceed to upload the verification file or add a META tag to your blog home page.
6. You will get a message saying that ‘Your site is pending authentication’
7. Once your verification file or META tag properly added to your blog, you will get a message saying that “Your site has been authenticated “.

How to Use chmod Command to Change Linux File Permissions

In this post, i will share with you the basic chmod command usage to change linux file permission. This was tested on CentOS 5.5.

Who – ugoa controls :

u = Owner
g = Users in the Group
o = Other users not in the group
a = All users/Everyone

Permission :

r = Read
w = Write
x = Execute

Opcode :

+ --> Add permission.
- --> Remove permission.
= --> Assign permission

Samples:

Allow execute permission to everyone:
chmod a+x samplesfiles.txt

Deny execute permission to everyone:
chmod a-x samplesfiles.txt

Allow read permission to everyone:
chmod a+r samplesfiles.txt

Deny read permission to everyone:
chmod a-r samplesfiles.txt

Allow write and execute permission to everyone:
chmod a+wx samplesfiles.txt

Deny write and execute permission to everyone:
chmod a-wx samplesfiles.txt

Make a file readable and writable by the group and others:
chmod go+rw samplesfiles.txt

How to Add Persistent Static Routes in CentOS 5.6

This example will show you on how to configure the persistent static route in CentOS 5.6 server. This configuration may different with other version of CentOS but the basic is almost the same. Persistent static route will permanently stored the setting and will not be deleted after rebooted.

1. Go to /etc/sysconfig/network-scripts/

[root@server ~]# cd /etc/sysconfig/network-scripts/

2. Modify the original default route to your requirement.

[root@server network-scripts]# vi route-eth0
192.0.2.0/24 dev eth0 scope host
default via 192.0.2.1

Change to below :

192.0.2.0/24 dev eth0 scope host
default via 192.0.2.1
192.168.2.0/24 via 192.168.13.1 dev eth0

3. Restart the network to apply the new routing table

[root@server network-scripts]# service network restart
[root@server network-scripts]# netstat -rn
Kernel IP routing table
Destination     Gateway         Genmask         Flags   MSS Window  irtt Iface
192.168.2.0     192.168.13.1    255.255.255.0   UG        0 0          0 eth0
192.0.2.0       0.0.0.0         255.255.255.0   U         0 0          0 eth0
169.254.0.0     0.0.0.0         255.255.0.0     U         0 0          0 eth0
0.0.0.0         0.0.0.0         0.0.0.0         U         0 0          0 eth0

How to Add Static Routes in CentOS 5.6

This tutorial was performed at my VPS server, therefore the NIC interface is using venet0 instead of eth0. This may different with your environment but all the steps should be same. For your information, this configuration will be erase once you rebooted the server. You should use persistent static route if you want to permanently apply the routing table.

This is my original routing table

[root@server ~]# netstat -rn
Kernel IP routing table
Destination     Gateway         Genmask         Flags   MSS Window  irtt Iface
192.0.2.0       0.0.0.0         255.255.255.0   U         0 0          0 venet0
169.254.0.0     0.0.0.0         255.255.0.0     U         0 0          0 venet0
0.0.0.0         0.0.0.0         0.0.0.0         U         0 0          0 venet0

1. Static route for a specific network
To add a static route for a specific network in Linux, issue the following command :

[root@server ~]# route add -net 192.168.2.0/24 gw 192.168.13.1
[root@server ~]# netstat -rn
Kernel IP routing table
Destination     Gateway         Genmask         Flags   MSS Window  irtt Iface
192.168.2.0     192.168.13.1    255.255.255.0   UG        0 0          0 venet0
192.0.2.0       0.0.0.0         255.255.255.0   U         0 0          0 venet0
169.254.0.0     0.0.0.0         255.255.0.0     U         0 0          0 venet0
0.0.0.0         0.0.0.0         0.0.0.0         U         0 0          0 venet0

To delete a static route for a specific network in Linux, issue the following command :

[root@server ~]# route del -net 192.168.2.0/24 gw 192.168.13.1
[root@server ~]# netstat -rn
Kernel IP routing table
Destination     Gateway         Genmask         Flags   MSS Window  irtt Iface
192.0.2.0       0.0.0.0         255.255.255.0   U         0 0          0 venet0
169.254.0.0     0.0.0.0         255.255.0.0     U         0 0          0 venet0
0.0.0.0         0.0.0.0         0.0.0.0         U         0 0          0 venet0

2. Static route for a specific host
To add a static route for a specific host in Linux, issue the following command :

[root@server ~]# route add -host 192.168.2.5 gw 192.168.13.1
[root@server ~]# netstat -rn
Kernel IP routing table
Destination     Gateway         Genmask         Flags   MSS Window  irtt Iface
192.168.2.5     192.168.13.1    255.255.255.255 UGH       0 0          0 venet0
192.0.2.0       0.0.0.0         255.255.255.0   U         0 0          0 venet0
169.254.0.0     0.0.0.0         255.255.0.0     U         0 0          0 venet0
0.0.0.0         0.0.0.0         0.0.0.0         U         0 0          0 venet0

To delete a static route for a specific host in Linux, issue the following command :

[root@server ~]# route del -host 192.168.2.5 gw 192.168.13.1
[root@server ~]# netstat -rn
Kernel IP routing table
Destination     Gateway         Genmask         Flags   MSS Window  irtt Iface
192.0.2.0       0.0.0.0         255.255.255.0   U         0 0          0 venet0
169.254.0.0     0.0.0.0         255.255.0.0     U         0 0          0 venet0
0.0.0.0         0.0.0.0         0.0.0.0         U         0 0          0 venet0

To add a default gateway.

[root@server ~]# route add default gw 192.168.13.1
[root@server ~]# netstat -rn
Kernel IP routing table
Destination     Gateway         Genmask         Flags   MSS Window  irtt Iface
192.0.2.0       0.0.0.0         255.255.255.0   U         0 0          0 venet0
169.254.0.0     0.0.0.0         255.255.0.0     U         0 0          0 venet0
0.0.0.0         192.168.13.1    0.0.0.0         UG        0 0          0 venet0
0.0.0.0         0.0.0.0         0.0.0.0         U         0 0          0 venet0

To delete a default gateway.

[root@server ~]# route del default gw 192.168.13.1
[root@server ~]# netstat -rn
Kernel IP routing table
Destination     Gateway         Genmask         Flags   MSS Window  irtt Iface
192.0.2.0       0.0.0.0         255.255.255.0   U         0 0          0 venet0
169.254.0.0     0.0.0.0         255.255.0.0     U         0 0          0 venet0
0.0.0.0         0.0.0.0         0.0.0.0         U         0 0          0 venet0

How to Install and Configure Linux Iptables Firewall in CentOS 5

Iptables is the most popular packet filtering firewall package in linux. It can be used to set up, maintain, and inspect the tables of IP packet filter rules in the Linux kernel. Iptables interfaces to the Linux netfilter module to perform filtering of network packets.

Steps:

Install the iptables wihthout gui.

[root@server ~]# yum install iptables

Install the iptables with Gui by run below command.

[root@server ~]# yum install system-config-securitylevel-tui iptstate firstboot-tui iptables
Loaded plugins: fastestmirror
Loading mirror speeds from cached hostfile
 * addons: centos.maulvi.net
 * base: mirror.averse.net
 * epel: ftp.cuhk.edu.hk
 * extras: mirror.averse.net
 * updates: mirror.averse.net
Setting up Install Process
Resolving Dependencies
--> Running transaction check
---> Package firstboot-tui.i386 0:1.4.27.8-1.el5.centos set to be updated
---> Package iptables.i386 0:1.3.5-5.3.el5_4.1 set to be updated
---> Package iptstate.i386 0:1.4-2.el5 set to be updated
---> Package system-config-securitylevel-tui.i386 0:1.6.29.1-6.el5 set to be updated
--> Processing Dependency: iptables-ipv6 for package: system-config-securitylevel-tui
--> Running transaction check
---> Package iptables-ipv6.i386 0:1.3.5-5.3.el5_4.1 set to be updated
--> Finished Dependency Resolution

Dependencies Resolved

=============================================================================================
 Package                              Arch      Version                      Repository
                                                                                        Size
=============================================================================================
Installing:
 firstboot-tui                        i386      1.4.27.8-1.el5.centos        base      189 k
 iptables                             i386      1.3.5-5.3.el5_4.1            base      233 k
 iptstate                             i386      1.4-2.el5                    base       27 k
 system-config-securitylevel-tui      i386      1.6.29.1-6.el5               base      254 k
Installing for dependencies:
 iptables-ipv6                        i386      1.3.5-5.3.el5_4.1            base      161 k

Transaction Summary
=============================================================================================
Install       5 Package(s)
Upgrade       0 Package(s)

Total download size: 864 k
Is this ok [y/N]: y
Downloading Packages:
(1/5): iptstate-1.4-2.el5.i386.rpm                                    |  27 kB     00:00
(2/5): iptables-ipv6-1.3.5-5.3.el5_4.1.i386.rpm                       | 161 kB     00:01
(3/5): firstboot-tui-1.4.27.8-1.el5.centos.i386.rpm                   | 189 kB     00:03
(4/5): iptables-1.3.5-5.3.el5_4.1.i386.rpm                            | 233 kB     00:03
(5/5): system-config-securitylevel-tui-1.6.29.1-6.el5.i386.rpm        | 254 kB     00:04
---------------------------------------------------------------------------------------------
Total                                                         60 kB/s | 864 kB     00:14
Running rpm_check_debug
Running Transaction Test
Finished Transaction Test
Transaction Test Succeeded
Running Transaction
  Installing     : iptables                                                              1/5
  Installing     : iptables-ipv6                                                         2/5
  Installing     : system-config-securitylevel-tui                                       3/5
  Installing     : iptstate                                                              4/5
  Installing     : firstboot-tui                                                         5/5

Installed:
  firstboot-tui.i386 0:1.4.27.8-1.el5.centos
  iptables.i386 0:1.3.5-5.3.el5_4.1
  iptstate.i386 0:1.4-2.el5
  system-config-securitylevel-tui.i386 0:1.6.29.1-6.el5

Dependency Installed:
  iptables-ipv6.i386 0:1.3.5-5.3.el5_4.1

Complete!

Display Default Iptables rules:

[root@server ~]# cat /etc/sysconfig/iptables
# Firewall configuration written by system-config-securitylevel
# Manual customization of this file is not recommended.
*filter
:INPUT ACCEPT [0:0]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
:RH-Firewall-1-INPUT - [0:0]
-A INPUT -j RH-Firewall-1-INPUT
-A FORWARD -j RH-Firewall-1-INPUT
-A RH-Firewall-1-INPUT -i lo -j ACCEPT
-A RH-Firewall-1-INPUT -p icmp --icmp-type any -j ACCEPT
-A RH-Firewall-1-INPUT -p 50 -j ACCEPT
-A RH-Firewall-1-INPUT -p 51 -j ACCEPT
-A RH-Firewall-1-INPUT -p udp --dport 5353 -d 224.0.0.251 -j ACCEPT
-A RH-Firewall-1-INPUT -p udp -m udp --dport 631 -j ACCEPT
-A RH-Firewall-1-INPUT -p tcp -m tcp --dport 631 -j ACCEPT
-A RH-Firewall-1-INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
-A RH-Firewall-1-INPUT -j REJECT --reject-with icmp-host-prohibited
COMMIT

To start, stop, and restart iptables, you can run below commands:

[root@server ~]# service iptables start
[root@server ~]# service iptables stop
[root@server ~]# service iptables restart

To get iptables configured to start at boot, use the chkconfig command:

[root@server ~]# chkconfig iptables on

Check the iptables status whether iptables is running or not with the below command:

[root@server ~]# service iptables status
Firewall is stopped.

You can view the iptables manual by run below command:

[root@server ~]# man iptables

Add below line to enable certain port/programs to pass through firewall such as:
22 = SSH
80 = Web service
443 = SSL Web service
25 = Sendmail or postfix
3306 = MySQL service
10000 = Webmin service

-A RH-Firewall-1-INPUT -m state --state NEW -m tcp -p tcp --dport 22 -j ACCEPT
-A RH-Firewall-1-INPUT -m state --state NEW -m tcp -p tcp --dport 80 -j ACCEPT
-A RH-Firewall-1-INPUT -m state --state NEW -m tcp -p tcp --dport 443 -j ACCEPT
-A RH-Firewall-1-INPUT -m state --state NEW -m tcp -p tcp --dport 25 -j ACCEPT
-A RH-Firewall-1-INPUT -m state --state NEW -m tcp -p tcp --dport 3306 -j ACCEPT
-A RH-Firewall-1-INPUT -m state --state NEW -m tcp -p tcp --dport 10000 -j ACCEPT

New configuration of the iptables should be like this.

[root@server ~]# cat /etc/sysconfig/iptables
# Firewall configuration written by system-config-securitylevel
# Manual customization of this file is not recommended.
*filter
:INPUT ACCEPT [0:0]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
:RH-Firewall-1-INPUT - [0:0]
-A INPUT -j RH-Firewall-1-INPUT
-A FORWARD -j RH-Firewall-1-INPUT
-A RH-Firewall-1-INPUT -i lo -j ACCEPT
-A RH-Firewall-1-INPUT -p icmp --icmp-type any -j ACCEPT
-A RH-Firewall-1-INPUT -p 50 -j ACCEPT
-A RH-Firewall-1-INPUT -p 51 -j ACCEPT
-A RH-Firewall-1-INPUT -p udp --dport 5353 -d 224.0.0.251 -j ACCEPT
-A RH-Firewall-1-INPUT -p udp -m udp --dport 631 -j ACCEPT
-A RH-Firewall-1-INPUT -p tcp -m tcp --dport 631 -j ACCEPT
-A RH-Firewall-1-INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
-A RH-Firewall-1-INPUT -m state --state NEW -m tcp -p tcp --dport 22 -j ACCEPT
-A RH-Firewall-1-INPUT -m state --state NEW -m tcp -p tcp --dport 80 -j ACCEPT
-A RH-Firewall-1-INPUT -m state --state NEW -m tcp -p tcp --dport 443 -j ACCEPT
-A RH-Firewall-1-INPUT -m state --state NEW -m tcp -p tcp --dport 25 -j ACCEPT
-A RH-Firewall-1-INPUT -m state --state NEW -m tcp -p tcp --dport 3306 -j ACCEPT
-A RH-Firewall-1-INPUT -m state --state NEW -m tcp -p tcp --dport 10000 -j ACCEPT
-A RH-Firewall-1-INPUT -j REJECT --reject-with icmp-host-prohibited
COMMIT

You can view the iptables status by run the below command to see which port are currently open.

[root@server ~]# service iptables status
Table: filter
Chain INPUT (policy ACCEPT)
num  target     prot opt source               destination
1    RH-Firewall-1-INPUT  all  --  0.0.0.0/0            0.0.0.0/0

Chain FORWARD (policy ACCEPT)
num  target     prot opt source               destination
1    RH-Firewall-1-INPUT  all  --  0.0.0.0/0            0.0.0.0/0

Chain OUTPUT (policy ACCEPT)
num  target     prot opt source               destination

Chain RH-Firewall-1-INPUT (2 references)
num  target     prot opt source               destination
1    ACCEPT     all  --  0.0.0.0/0            0.0.0.0/0
2    ACCEPT     icmp --  0.0.0.0/0            0.0.0.0/0           icmp type 255
3    ACCEPT     esp  --  0.0.0.0/0            0.0.0.0/0
4    ACCEPT     ah   --  0.0.0.0/0            0.0.0.0/0
5    ACCEPT     udp  --  0.0.0.0/0            224.0.0.251         udp dpt:5353
6    ACCEPT     udp  --  0.0.0.0/0            0.0.0.0/0           udp dpt:631
7    ACCEPT     tcp  --  0.0.0.0/0            0.0.0.0/0           tcp dpt:631
8    ACCEPT     all  --  0.0.0.0/0            0.0.0.0/0           state RELATED,ESTABLISHED
9    ACCEPT     tcp  --  0.0.0.0/0            0.0.0.0/0           state NEW tcp dpt:22
10   ACCEPT     tcp  --  0.0.0.0/0            0.0.0.0/0           state NEW tcp dpt:80
11   ACCEPT     tcp  --  0.0.0.0/0            0.0.0.0/0           state NEW tcp dpt:443
12   ACCEPT     tcp  --  0.0.0.0/0            0.0.0.0/0           state NEW tcp dpt:25
13   ACCEPT     tcp  --  0.0.0.0/0            0.0.0.0/0           state NEW tcp dpt:3306
14   ACCEPT     tcp  --  0.0.0.0/0            0.0.0.0/0           state NEW tcp dpt:10000
15   REJECT     all  --  0.0.0.0/0            0.0.0.0/0           reject-with icmp-host-prohibited

How to Install and Configure Monit on Linux Server for Process Monitoring

Monit is a open source utility for managing and monitoring, processes, files, directories and devices on a Unix system. Monit can perform automatic maintenance and repair and can execute useful actions in error situations.

E.g.
monit can start a process if it does not run,
monit can restart a process if it does not respond,
monit can stop a process if it uses to much resources.

You may use monit to monitor files, directories and devices for changes, such as timestamp changes, checksum changes or size changes.

Steps
1. Download the latest monit from rpmforge repository.
For x86 (32-bit) systems

http://apt.sw.be/redhat/el5/en/i386/rpmforge/RPMS/monit-5.2.5-1.el5.rf.i386.rpm

For x64 (64-bit) systems

http://apt.sw.be/redhat/el5/en/x86_64/rpmforge/RPMS/monit-5.2.5-1.el5.rf.x86_64.rpm

[root@server ~]# wget http://apt.sw.be/redhat/el5/en/i386/rpmforge/RPMS/monit-5.2.5-1.el5.rf.i386.rpm
--2011-08-14 00:12:58--  http://apt.sw.be/redhat/el5/en/i386/rpmforge/RPMS/monit-5.2.5-1.el5.rf.i386.rpm
Resolving apt.sw.be... 193.1.193.67
Connecting to apt.sw.be|193.1.193.67|:80... connected.
HTTP request sent, awaiting response... 200 OK
Length: 573934 (560K) [application/x-redhat-package-manager]
Saving to: `monit-5.2.5-1.el5.rf.i386.rpm'

100%[=============================================================>] 573,934     20.9K/s   in 34s

2011-08-14 00:13:38 (16.6 KB/s) - `monit-5.2.5-1.el5.rf.i386.rpm' saved [573934/573934]

2. Install the monit rpm

[root@server ~]# rpm -Uvh monit-5.2.5-1.el5.rf.i386.rpm
Preparing...                ########################################### [100%]
   1:monit                  ########################################### [100%]

3. Configure monit

[root@server ~]# vi /etc/monit.conf

 set daemon  120           # check services at 2-minute intervals
 set logfile syslog facility log_daemon
 set mailserver mail.server.local,               # primary mailserver
 set alert admin@server.local 

 set httpd port 2812 and
     allow localhost        # allow localhost to connect to the server and
     allow 192.168.2.2        # allow client ip address to connect to the server and
     allow admin:monit      # require user 'admin' with password 'monit'

4. Create /var/monit directory to place id and state

[root@server ~]# mkdir /var/monit

5. Configure service to be monitor

[root@server ~]# vi /etc/monit.d/localhost
check process httpd with pidfile /var/run/httpd.pid
        start program = "/etc/init.d/httpd start"
        stop program = "/etc/init.d/httpd stop"
        if failed host 127.0.0.1 port 80 protocol http then restart
        if 5 restarts within 5 cycles then timeout

check process sshd with pidfile /var/run/sshd.pid
        start program "/etc/init.d/sshd start"
        stop program "/etc/init.d/sshd stop"
        if failed host 127.0.0.1 port 22 protocol ssh then restart
        if 5 restarts within 5 cycles then timeout

check process mysqld with pidfile /var/run/mysqld/mysqld.pid
        start program = "/etc/init.d/mysqld start"
        stop program = "/etc/init.d/mysqld stop"
        if failed host 127.0.0.1 port 3306 then restart
        if 5 restarts within 5 cycles then timeout


6. Set monit to auto start on boot up.

    [root@server ~]# vi /etc/default/monit
    # You must set this variable to for monit to start
    startup=1
    

or

    [root@server ~]# chkconfig monit on
    

7. Start monit service

[root@server ~]# service monit start
Starting monit: monit: generated unique Monit id 50baacc26c17a307fe4cbdc1616c0bf8 and stored to '/var/monit/id'
Starting monit daemon with http interface at [*:2812]
                                                           [  OK  ]

or

    [root@server ~]# /etc/init.d/monit start
    Starting monit: Starting monit daemon with http interface at [*:2812]
                                                               [  OK  ]
    

8. Monitor monit from your browser

Monit Web interface will run on the port number 2812. Now point your browser to http://serverip:2812/