[Xymon] Is Xymon Alive?
Bruce Ferrell
bferrell at baywinds.org
Tue Jun 8 21:49:14 CEST 2021
Some of those are true... The Xymon server can tell the client to run
something IF the client has been pre-configured for it. I've never seen
a config that allowed sending code to the client (upgrades?) and I've
been using Xymon and it's predecessor, Big Brother, since 2000. Are you
maybe referring to remote logfetch via ssh?
Out of the box, all of those "objections" for Xymon are true for Zabbix
as well.
Zabbix needs a MySQL instance set up to make it run too.
Nagios is just plain "fussy" with the same objections to encryption and
triple A.
I think we all know what happened when the "secure" labyrinth called
Solarwinds was breached.
My point is that simple is good. Simple is in your control.
Your point John?
On 6/8/21 12:17 PM, John Thurston wrote:
> It is worth noting that out of the box:
>
> A) the Xymon client <> server communication channel is unencrypted TCP
> B) there is neither authentication or authorization of that channel
> C) any client may send valid messages for any hostname
> D) the Xymon server may send arbitrary code to the client for execution
>
>
>
> --
> Do things because you should, not just because you can.
>
> John Thurston 907-465-8591
> John.Thurston at alaska.gov
> Department of Administration
> State of Alaska
>
> On 6/8/2021 9:54 AM, Bruce Ferrell wrote:
>> The "worst", most technical thing I know about installing Xymon is
>> building from source (my preferred method), but just about any modern
>> Linux distro has binaries available. The second "worst" thing is
>> editing text files to configure it. There have been configuration
>> tools attempted, but to my knowledge, really gone nowhere.
> _______________________________________________
> Xymon mailing list
> Xymon at xymon.com
> http://lists.xymon.com/mailman/listinfo/xymon
More information about the Xymon
mailing list