[Xymon] Xymon security concern raised

Thomas Kähn xymonliste at netcologne.de
Thu Dec 6 08:15:06 CET 2012


Hi,

On Wed, Dec 05, 2012 at 09:57:10PM +0100, Henrik Størner wrote:
> On 05-12-2012 21:04, Steve Holmes wrote:
> >I tried that and started getting a lot of refused messages referencing
> >the monitored systems.
> >I forgot to mention that this is release 4.2.3. If it is different in
> >4.3.x then I will have to wait a couple of months.

I've configured some Xymon servers using all --*-senders options. It works
great. 

Additionally I also specified --no-download. Otherwise clients might
fetch the (bb-)hosts(.cfg) file or other configuration files which might
contain sensitive data.

Steve, are you sure that the IP address in the configuration is the same
as the client is using for outgoing connections. I had a problem with
a system having a couple of secondary IP addresses.

> In 5.0, you can implement SSL client certificate checks for complete
> control of who is allowed to send status updates.

Great to hear that 5.0 will support SSL authentication and encryption :-)

Best regards
Thomas Kähn
-- 
Thomas Kähn
Technik, Network Engineering & Design; Content Delivery Platform & IP
---------------------------------------------------------------------
NETCOLOGNE Gesellschaft für Telekommunikation mbH
Am Coloneum 9 | 50829 Köln
Tel: 0221 2222-8718 | Fax: 0221 2222-78718

www.netcologne.de

Geschäftsführer:
Dr. Hans Konle (Sprecher)
Dipl.-Ing. Karl-Heinz Zankel

Vorsitzender des Aufsichtsrates:
Dr. Andreas Cerbe

HRB 25580, AG Köln


Diese Nachricht (inklusive aller Anhänge) ist vertraulich. Sollten
Sie diese Nachricht versehentlich erhalten haben, bitten wir, den
Absender (durch Antwort-E-Mail) hiervon unverzüglich zu informieren
und die Nachricht zu löschen. Die E-Mail darf in diesem Fall weder
vervielfältigt noch in anderer Weise verwendet werden.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 155 bytes
Desc: Digital signature
URL: <http://lists.xymon.com/pipermail/xymon/attachments/20121206/0f2e946d/attachment.sig>


More information about the Xymon mailing list