[hobbit] Securing Xymon Over Internet
Henrik =?unknown-8bit?Q?St=C3=B8rner?=
henrik at hswn.dk
Tue Feb 10 16:22:36 CET 2009
On Tue, Feb 10, 2009 at 10:06:39AM +0200, Neil Franken wrote:
> I need to monitor several satellite sites with XyMon. These sites are
> not available on our local LAN so I have to go via the internet. I am a
> bit hesitant to open the ports etc since the information collected can
> be used in foot printing the system. How would I go about securing the
> service so that xymons information does not fall into the wrong hands?
For a solution now, OpenVPN would be my suggestion - it is very easy to
setup, uses standard OpenSSL encryption with digital certificates for
authentication, and has a nice price ($ 0,00). Plus you get a true VPN
connection to the server, so if need be you can SSH to the remote
servers through the VPN tunnel - or rdesktop, if they are Windows
servers.
In the slightly longer run, the Xymon clients will know how to use
an SSL-encrypted connection to the Xymon server. This is planned
for one of the releases that will show up over the coming months
(see my announcement from yesterday).
Regards,
Henrik
More information about the Xymon
mailing list