> Further, what is the big concern about running nrpe ??? I have a
> number of mission critical systems that all run nrpe. Configured with
> the correct "allowed_hosts" list, with "nrpe_user" & "nrpe_group" set
> to the right type of account, and the "dont_blame_nrpe=0" parameter
> set (in order to prevent arguments being passed to nrpe) I really
> can't see what the risk is (someone like to enlighten me ?).
>
> --
> bright blessings,
> Mark
>
Currently I know of no risk associated with running NRPE however any
service that opens a port on a system can become a risk. After much debate
and discussion we have decided to use check_by_ssh in our environment for
this very reason. It may not be a risk at the moment but it could become a
risk in the future. I am not a hacker so I can't say what could happen
with the existing code to cause a risk but the possibility remains. Our
decision was based in simplicity as there is less to install on each
system, fewer configurations to maintain, less risk as no new daemons are
introduced. Everyone else may have different mileage in their own
environments.
Sorry for the off topic post.
-------------------------------------------------------------------------
SF.Net email is sponsored by:
Check out the new SourceForge.net Marketplace.
It's the best place to buy or sell services
for just about anything Open Source.
http://ad.doubleclick.net/clk;164216239;13503038;w?http://sf.net/marketplace
_______________________________________________
Nagios-users mailing list
Nagios-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/nagios-users
::: Please include Nagios version, plugin version (-v) and OS when reporting
any issue.
::: Messages without supporting info will risk being sent to /dev/null
