[Xymon] Xymon security concern raised
Henrik Størner
henrik at hswn.dk
Wed Dec 5 21:57:10 CET 2012
On 05-12-2012 21:04, Steve Holmes wrote:
> I tried that and started getting a lot of refused messages referencing
> the monitored systems.
> I forgot to mention that this is release 4.2.3. If it is different in
> 4.3.x then I will have to wait a couple of months.
In --status-senders, you should list
1) the Xymon server itself
2) any hosts running network tests
The reason for 1) is somewhat obscure, but basically boils down to the
Xymon client data triggering status-messages sent locally from the
xymond_client daemon.
This behaviour is unchanged from 4.2.x to 4.3.x.
In 5.0, you can implement SSL client certificate checks for complete
control of who is allowed to send status updates.
Regards,
Henrik
More information about the Xymon
mailing list