Hi Keith You wouldn't happen to have the installation documented or a mini how-to? :)
Steve -----Original Message----- From: Keith Coles [mailto:k...@trivas.co.uk] Sent: 24 February 2009 11:30 PM To: efw-user@lists.sourceforge.net Subject: Re: [Efw-user] What aer your thoughts about running Nagios NRPE daemon on Endain? Steven I run a couple of Endian installations with NRPE installed. I try to make sure its secure as possible by - making sure it uses SSL for communication with the Nagios host. - make sure the nagios hosts allowed to connect is kept to a strictly controlled list - configure NRPE to *not* accept externally provided parameters - this can be a bit inconvenient with a large number of internal servers but this is likely to be the weakest part of NRPE. You're right to be concerned - any open port is a possible weakness in a firewall but the overall resilience of the infrastructure as a whole can only be improved by continually monitoring it. As an aside, I prefer to use OpsView rather than "raw" Nagios - it has a much better admin interface and includes some graphing as standard. I also like to use SmokePing to keep and eye on teh network. Regards Keith Steven Sher wrote: > > I having been playing around with Nagios to monitor our servers for > us. I was playing with the idea of installing the NRPE daemon onto > the Endian boxes. > > > > At first I thought it was a bad idea, running extra software on your > firewall is not generally a good idea, but then I started thinking if > I need to open up a port for NRPE anyway, why not just run it on the > firewall. It would allow me to use Endain both as a firewall and > extend its functionality by adding in monitoring capabilities I could > use the NRPE daemon to monitor as many hosts inside my internal > network without my public Nagios server ever having to enter any > internal network. > > > > Does anybody have any thoughts on this idea, my Endian knowledge is > only minor to say the least, would this even work? > > > > Thanks > > Steve > > > > > ------------------------------------------------------------------------------ Open Source Business Conference (OSBC), March 24-25, 2009, San Francisco, CA -OSBC tackles the biggest issue in open source: Open Sourcing the Enterprise -Strategies to boost innovation and cut costs with open source participation -Receive a $600 discount off the registration fee with the source code: SFAD http://p.sf.net/sfu/XcvMzF8H _______________________________________________ Efw-user mailing list Efw-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/efw-user ------------------------------------------------------------------------------ Open Source Business Conference (OSBC), March 24-25, 2009, San Francisco, CA -OSBC tackles the biggest issue in open source: Open Sourcing the Enterprise -Strategies to boost innovation and cut costs with open source participation -Receive a $600 discount off the registration fee with the source code: SFAD http://p.sf.net/sfu/XcvMzF8H _______________________________________________ Efw-user mailing list Efw-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/efw-user
