[Xymon] Xymon security concern raised

Steve Holmes sholmes42 at mac.com
Wed Dec 5 22:14:52 CET 2012


On Wed, Dec 5, 2012 at 3:57 PM, Henrik Størner <henrik at hswn.dk> wrote:

> On 05-12-2012 21:04, Steve Holmes wrote:
>
>> I tried that and started getting a lot of refused messages referencing
>> the monitored systems.
>> I forgot to mention that this is release 4.2.3. If it is different in
>> 4.3.x then I will have to wait a couple of months.
>>
>
> In --status-senders, you should list
>
> 1) the Xymon server itself
> 2) any hosts running network tests
>
> The reason for 1) is somewhat obscure, but basically boils down to the
> Xymon client data triggering status-messages sent locally from the
> xymond_client daemon.
>
>
> This behaviour is unchanged from 4.2.x to 4.3.x.
>
> In 5.0, you can implement SSL client certificate checks for complete
> control of who is allowed to send status updates.
>
>
> Regards,
> Henrik
>
>
>
Thanks Henrik...
But, but (he sputters) that causes the server to refuse messages from the
clients. Did I do it wrong?

I used
--status-senders=127.0.0.1,$BBSERVERIP,xxx.xx.xxx.xxx

where the x's is another Xymon server IP that does network tests.

Thanks,
Steve
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.xymon.com/pipermail/xymon/attachments/20121205/08cca288/attachment.html>


More information about the Xymon mailing list