[Xymon] Xymon security concern raised

Tim McCloskey tm at freedom.com
Wed Dec 5 18:30:24 CET 2012


Not sure that can be done in Xymon currently.

So, is the concern that one of the configured hosts could pretend to be one of the other configured hosts?  If not, a nice packet filter/firewall allowing tcp:1984 from only the Xymon hosts -> Xymon server would provide a possible fix for that.

Regards, 
Tim
________________________________________
From: xymon-bounces at xymon.com [xymon-bounces at xymon.com] on behalf of Steve Holmes [sholmes42 at mac.com]
Sent: Wednesday, December 05, 2012 9:14 AM
To: xymon at xymon.com
Subject: [Xymon] Xymon security concern raised

I have a customer who is concerned that anyone could send data messages to the xymon server with one of his host names and Xymon would accept it as real thus potentially masking an attack.

Note that this is in a university environment, so even if data can come only from campus addresses we might not necessarily trust the data.

Is there a way to get Xymon to check the IP address on incoming data packets to verify that it is coming from the host it claims to be?

Thanks,
Steve Holmes
Purdue University





More information about the Xymon mailing list