NRPE - daemon versus xinetd - pros and cons

Rob Moss robmossrm at aol.com
Fri Sep 30 12:49:08 CEST 2005

Previous message: NRPE - daemon versus xinetd - pros and cons
Next message: Monitoring hosts in remote office
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Richard DeWath wrote:

>I am interested in hearing from anyone who has insight
>on to whether running the daemon is more efficient
>than xinetd for nagios (I mean real difference not
>minor overhead differences);  Is there more security
>with xinetd and wrappers in this case?  Anyone who has
>tried both, I would be interested in your feedback.  I
>have been using xinted/inetd without real problems
>(some nrpe timeouts), but there are people who want to
>use the daemon option.  I can do this, but hate to
>start if it will not improve the overhead or security.
>  
>

Two things to consider here:
- Are your servers openly internet contactable, or firewalled?
- Is security your main concern, or is ease of use/functionality?

If you are security concious/concerned and don't mind a minor overhead 
then you should use inetd/xinetd with tcpwrappers to control access..

If you want ease of use/functionality and don't want the overhead and 
can live with using NRPE's builtin ACL then use the daemon.

I went for the second option.  I'm running NRPE as a daemon on all of 
the internal Sun servers.  The environment is essentially a software 
testing/development environment in private address space.  I don't run 
inetd and didn't want the added layer of potential problems through 
inetd.     In production, it would be a different story, hardware 
firewalls to restrict the port to a few IP's and using tcpwrappers to 
again ensure the right IP's were allowed through and the rest are blocked.

The inetd/xinetd services add many features, such as logging and 
security through tcpwrappers, however it's not something that needs to 
be installed on the servers I am monitoring.

Cheers
rob.

-------------------------------------------------------
This SF.Net email is sponsored by:
Power Architecture Resource Center: Free content, downloads, discussions,
and more. http://solutions.newsforge.com/ibmarch.tmpl
_______________________________________________
Nagios-users mailing list
Nagios-users at lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/nagios-users
::: Please include Nagios version, plugin version (-v) and OS when reporting any issue. 
::: Messages without supporting info will risk being sent to /dev/null

Previous message: NRPE - daemon versus xinetd - pros and cons
Next message: Monitoring hosts in remote office
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

More information about the Users mailing list