Secure network

[Subhendu Ghosh]

On Wed, 11 Feb 2004, Penny Keeffe wrote:

> 
> > (and the grandparent post wasn't specific,
> > either - just 'how secure is Nagios?')
> 
> I would love to be more specific but alas I cannot.  I
> basically need to know this:  while monitoring a
> secure network how accessible is it from the outside. 
> I really wish I could be more specific I know it would
> help you guys out with what I am asking.  Ask me
> questions if you can think of any and if I can I will
> answer them.
> 

Nagios is a monitoring tool and needs some level of administrative access 
to the servers it is supposed to monitor - specially if local checks are 
needed for things like cpu.mem/proc.

If this is a secure island and everybody on the island is trustworthy and 
Nagios is on/in the island then your perimeter protection should protect 
Nagios just like any other application.  Nagios will only contact servers 
and services it is configured to - no auto-discovery to worry about.

If Nagios is outside the island and needs to monitor status inside the 
island - you will probably want a bastion proxy with a secure tunnel on 
the island.

Again lack of specifics is like bilding security on a house of cards...

-- 

-sg



-------------------------------------------------------
SF.Net is sponsored by: Speed Start Your Linux Apps Now.
Build and deploy apps & Web services for Linux with
a free DVD software kit from IBM. Click Now!
http://ads.osdn.com/?ad_id=1356&alloc_id=3438&op=click
_______________________________________________
Nagios-users mailing list
Nagios-users at lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/nagios-users
::: Please include Nagios version, plugin version (-v) and OS when reporting any issue. 
::: Messages without supporting info will risk being sent to /dev/null