[Xymon] Xymon security concern raised
sholmes42 at mac.com
Wed Dec 5 21:20:12 CET 2012
I believe the concern is that a student or other 'non-admin' could send a
packet from an unconfigured workstation masquerading as a configured host.
I think I need to do a little more research on the problem.
On Wed, Dec 5, 2012 at 12:30 PM, Tim McCloskey <tm at freedom.com> wrote:
> Not sure that can be done in Xymon currently.
> So, is the concern that one of the configured hosts could pretend to be
> one of the other configured hosts? If not, a nice packet filter/firewall
> allowing tcp:1984 from only the Xymon hosts -> Xymon server would provide a
> possible fix for that.
> From: xymon-bounces at xymon.com [xymon-bounces at xymon.com] on behalf of
> Steve Holmes [sholmes42 at mac.com]
> Sent: Wednesday, December 05, 2012 9:14 AM
> To: xymon at xymon.com
> Subject: [Xymon] Xymon security concern raised
> I have a customer who is concerned that anyone could send data messages to
> the xymon server with one of his host names and Xymon would accept it as
> real thus potentially masking an attack.
> Note that this is in a university environment, so even if data can come
> only from campus addresses we might not necessarily trust the data.
> Is there a way to get Xymon to check the IP address on incoming data
> packets to verify that it is coming from the host it claims to be?
> Steve Holmes
> Purdue University
If they give you ruled paper, write the other way. -Juan Ramon Jimenez,
poet, Nobel Prize in literature (1881-1958)
I prayed for freedom for twenty years, but received no answer until I
prayed with my legs. -Frederick Douglass, Former slave, abolitionist,
editor, and orator (1817-1895)
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the Xymon