nagios backdoor
Jakob Curdes
jc at info-systems.de
Thu Jun 6 22:12:27 CEST 2013
Am 06.06.2013 21:10, schrieb Rainer Duffner:
> Do you have any details? The german notice sounds like someone broke
> into their nagios system, but not necessarily by a nagios backdoor. Sven
We know very little, but from the nagios architecture I would rather
suspect there is a security flaw in a check script than in the nagios
core. The checks are the tools that contact other servers, not the
nagios core. And a check script can be anything, e.g. a self-written
shell script using a root login and called from the nagios core with a
password in plain text.
I think we shoud wait until we know more about the attack vectors before
speculating in the wild.
Regards jakob curdes
------------------------------------------------------------------------------
How ServiceNow helps IT people transform IT departments:
1. A cloud service to automate IT design, transition and operations
2. Dashboards that offer high-level views of enterprise services
3. A single system of record for all IT processes
http://p.sf.net/sfu/servicenow-d2d-j
_______________________________________________
Nagios-users mailing list
Nagios-users at lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/nagios-users
::: Please include Nagios version, plugin version (-v) and OS when reporting any issue.
::: Messages without supporting info will risk being sent to /dev/null
More information about the Users
mailing list