Security Concerns about the nsca daemon

Andreas Ericsson ae at op5.se
Wed Feb 22 11:08:30 CET 2006


Marc Haber wrote:
> On Mon, Feb 20, 2006 at 10:48:51PM +0100, Marc Haber wrote:
> 
>>I'm having a headache about using nsca to receive passive service
>>checks.
> 
> 
> And while we're at it, nsca should use tcp-wrappers itself so that it
> can be tcp wrapped without having to add inetd to possible attack
> vectors.
> 

Nopes. I could implement some basic tcp-wrappers-like thing in the nsca 
core, but I won't make it use tcp-wrappers. It'd be much better to do 
some simple firewalling anyway.

-- 
Andreas Ericsson                   andreas.ericsson at op5.se
OP5 AB                             www.op5.se
Tel: +46 8-230225                  Fax: +46 8-230231


-------------------------------------------------------
This SF.net email is sponsored by: Splunk Inc. Do you grep through log files
for problems?  Stop!  Download the new AJAX search engine that makes
searching your log files as easy as surfing the  web.  DOWNLOAD SPLUNK!
http://sel.as-us.falkag.net/sel?cmd=lnk&kid=103432&bid=230486&dat=121642




More information about the Developers mailing list