[hobbit] security hole? server masquerade
Larry Barber
lebarber at gmail.com
Fri Nov 30 22:29:49 CET 2007
Check out the --status-senders argument to hobbitd on the hobbitd man page.
Thanks,
Larry Barber
On Nov 29, 2007 4:05 PM, ye-fee liang <yf.liang at yahoo.ca> wrote:
> We have 2 servers:
>
> 1.2.3.4 servera
> 4.5.6.8 serverb
>
> During DR(discovery test), we changed the local name of serverb to
> servera,
> to perform test to see that servera applications have been recovered.
>
> So, externally both return pings to their original name. However, when
> logging into serverb, the uname -a returns servera.
>
> The change was done by changing /etc/hosts and uname.
> 4.5.6.8 serverb servera
>
> When the hobbit client is running on serverb, all processes have servera
> in them. Hobbit server starts to report serverb status as servera !!
>
> Doesn't the hobbit server check that the ip of the reporting server
> (serverb)
> and reject it, since it does not match the ip address of servera?
>
>
>
>
> ------------------------------
> Be smarter than spam. See how smart SpamGuard is at giving junk email the
> boot with the *All-new Yahoo! Mail *<http://ca.promos.yahoo.com/newmail/overview2/>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.xymon.com/pipermail/xymon/attachments/20071130/8127ac12/attachment.html>
More information about the Xymon
mailing list