questions

[Paul L. Allen]

rob at capband.net writes: 

>> tcpwrappers to limit who can connect to it.  This can be a problem if
>> your monitoring machine is on ADSL or cable modem and its IP address
>> can change (not a problem for most people but this one is a problem
>> for me because of a PHB who insists on running nagios on his home
>> computer to save on chargeable bandwidth).

> I'm sure you're aware of this, but we use VPN tunnels to get around this.

Yeah, that's another way around the problem.  If you are monitoring many
independent clients (which we are) then check_by_ssh may be a simpler
option. 

Also, I'm none too happy with any VPN technology I've seen. IPSec comes in
for a lot of criticism from Schneier over security issues, vtund I've
found to be intolerant of network outages and needs manually resetting,
pptp uses weak encryption of passwords, one of the other technologies
tunnels tcp over tcp (bad idea because backoffs get compounded). 

-- 
Paul Allen
Softflare Support 




-------------------------------------------------------
The SF.Net email is sponsored by EclipseCon 2004
Premiere Conference on Open Tools Development and Integration
See the breadth of Eclipse activity. February 3-5 in Anaheim, CA.
http://www.eclipsecon.org/osdn
_______________________________________________
Nagios-users mailing list
Nagios-users at lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/nagios-users
::: Please include Nagios version, plugin version (-v) and OS when reporting any issue. 
::: Messages without supporting info will risk being sent to /dev/null