Secure network

[jeff vier]

On Wed, 2004-02-11 at 10:44, Penny Keeffe wrote:
> How secure is Nagios?  Basically, I am trying to get
> my office to use Nagios and need to find out exactly
> how secure it is.  Security is a HUGE factor here.  If
> the answer to my question is in the documentation,
> just direct me to it if not I need to get as specific
> as possible.

The issue is 'How secure is your network?'

Nagios is merely a daemon whose web front-end is made available by a web
server listening on an arbitrary port.  It is meant for internal
monitoring of systems.  It is definitely NOT meant to be an
internet-available website for public perusal (or your network has just
given away much of the information necessary for compromise).

You can make the back-end as secure as you like - ssh is generally an
option to check almost anything (at the price of speed).  If you're
doing open (plain text) calls to things, those requests are definitely
'sniffable' (through no fault of nagios' - it's just the way it is).

HTH

--jeff



-------------------------------------------------------
SF.Net is sponsored by: Speed Start Your Linux Apps Now.
Build and deploy apps & Web services for Linux with
a free DVD software kit from IBM. Click Now!
http://ads.osdn.com/?ad_id=1356&alloc_id=3438&op=click
_______________________________________________
Nagios-users mailing list
Nagios-users at lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/nagios-users
::: Please include Nagios version, plugin version (-v) and OS when reporting any issue. 
::: Messages without supporting info will risk being sent to /dev/null