Linux Today: Linux News On Internet Time.

A Secure Nagios Server

Nov 12, 2008, 01:34 (1 Talkback[s])
(Other stories by Bill Keys)

"Don't Run Nagios As Root
There should be an normal user called nagios. If Nagios is running as root then if Nagios gets compromised then the attacker can do anything they want to your system.

Lock Down The Check Result Directory
Make sure that only nagios has read/write access to the check result directory otherwise an attacker can send fake host and service checks. This directory is normal at /usr/local/nagios/var/spool/checkresults

Use Full Paths In Command Definitions
When defining commands, make sure to specify the full path and not the relative one to any scripts or binaries you’re executing.

Secure Remote Agents
Some example are NRPE, NSClient, and SNMP. Below we will look at steps to secure the NRPE remote agent."

Complete Story

Related Stories: