nagios backdoor

Jakob Curdes jc at info-systems.de
Thu Jun 6 22:12:27 CEST 2013

Previous message: nagios backdoor
Next message: Misplaced advice in the Nagios preflight check?
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Am 06.06.2013 21:10, schrieb Rainer Duffner:
> Do you have any details? The german notice sounds like someone broke 
> into their nagios system, but not necessarily by a nagios backdoor. Sven
We know very little, but from the nagios architecture I would rather 
suspect there is a security flaw in a check script than in the nagios 
core. The checks are the tools that contact other servers, not the 
nagios core. And a check script can be anything, e.g. a self-written 
shell script using a root login and called from the nagios core with a 
password in plain text.
I think we shoud wait until we know more about the attack vectors before 
speculating in the wild.

Regards jakob curdes

------------------------------------------------------------------------------
How ServiceNow helps IT people transform IT departments:
1. A cloud service to automate IT design, transition and operations
2. Dashboards that offer high-level views of enterprise services
3. A single system of record for all IT processes
http://p.sf.net/sfu/servicenow-d2d-j
_______________________________________________
Nagios-users mailing list
Nagios-users at lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/nagios-users
::: Please include Nagios version, plugin version (-v) and OS when reporting any issue. 
::: Messages without supporting info will risk being sent to /dev/null

Previous message: nagios backdoor
Next message: Misplaced advice in the Nagios preflight check?
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

More information about the Users mailing list