"Don't Run Nagios As Root
There should be an normal user called nagios. If Nagios is running
as root then if Nagios gets compromised then the attacker can do
anything they want to your system.
Lock Down The Check Result Directory
Make sure that only nagios has read/write access to the check
result directory otherwise an attacker can send fake host and
service checks. This directory is normal at
Use Full Paths In Command Definitions
When defining commands, make sure to specify the full path and not
the relative one to any scripts or binaries you’re
Secure Remote Agents
Some example are NRPE, NSClient, and SNMP. Below we will look at
steps to secure the NRPE remote agent."