yet ANOTHER NSClient question

[Massey, Craig]

Any command accepted by the client.
I don't know how hard or easy it is to get around the limitations the client
places on what it will accept. The code is pretty simple, it looks for
specific text in the string passed to it and executes one of its programmed
actions.
 
You can't execute arbitrary commands.
 
It's not brilliantly secure, but neither does it open the box up to the
world.
 
-----Original Message-----
From: Carroll, Jim P [Contractor] [mailto:jcarro10 at sprintspectrum.com]
Sent: Tuesday, November 26, 2002 8:42 AM
To: nagios
Subject: [Nagios-users] yet ANOTHER NSClient question


How secure is NSClient?
 
I was asked this question this morning by the resident NT guru, since we're
considering monitoring a few NT boxes which are already 'exposed' to the
Wild Wild Net.
 
All I can see is that NSClient has password support, but that pretty much
any command (?) can be executed.
 
Any suggestions on locking this down?  Or does this fall under the "I
would't recommend it unless you're fond of rebuilding servers" school of
thought?
 
jc

DISCLAIMER:  This electronic message together with any attachments is 
confidential.  If you are not the intended recipient, do not copy, disclose or 
use the contents in any way.  Please also advise us by return e-mail that you 
have received the message and then please destroy.  Carter Holt Harvey is not 
responsible for any changes made to this message and / or any attachments after 
sending by Carter Holt Harvey.  We use virus scanning software but exclude all 
liability for viruses or anything similar in this email or any attachment.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://www.monitoring-lists.org/archive/users/attachments/20021126/7b2f1692/attachment.html>