[hobbit] security hole? server masquerade

Larry Barber lebarber at gmail.com
Fri Nov 30 22:29:49 CET 2007


Check out the --status-senders argument to hobbitd on the hobbitd man page.

Thanks,
Larry Barber

On Nov 29, 2007 4:05 PM, ye-fee liang <yf.liang at yahoo.ca> wrote:

> We have 2 servers:
>
> 1.2.3.4   servera
> 4.5.6.8   serverb
>
> During DR(discovery test), we changed the local name of serverb to
> servera,
> to perform test to see that servera applications have been recovered.
>
> So, externally both return pings to their original name.  However, when
> logging into serverb, the uname -a returns servera.
>
> The change was done by changing /etc/hosts and uname.
> 4.5.6.8  serverb  servera
>
> When the hobbit client is running on serverb, all processes have servera
> in them.  Hobbit server starts to report serverb status as servera !!
>
> Doesn't the hobbit server check that the ip of the reporting server
> (serverb)
> and reject it, since it does not match the ip address of servera?
>
>
>
>
> ------------------------------
> Be smarter than spam. See how smart SpamGuard is at giving junk email the
> boot with the *All-new Yahoo! Mail *<http://ca.promos.yahoo.com/newmail/overview2/>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.xymon.com/pipermail/xymon/attachments/20071130/8127ac12/attachment.html>


More information about the Xymon mailing list