On May 24, 2007, at 9:46 AM, Scott Silva wrote:
Dexter Ang spake the following on 5/23/2007 5:36 PM:
Hi folks,
I'm just wondering what is the recommended way of monitoring
servers and
networks remotely. My current setup is to install and configure cacti
and nagios. I've set these up to require SSL. This way, I can
easily go
to them and login from wherever I am and monitor (almost)
everything I
need to monitor.
The problem is that leaving cacti open was the most stupid thing I've
done. After checking /var/log/httpd/error_log, I saw that someone
exploited a cacti php file and the result was:
Have you tried something as simple as using ssh tunnels on obscure
ports and
not having the tools pointed to outward facing interfaces?
You can even use putty and xming on a windows machine and get in
that way.
If you keep your ssh secure and even only use key based logins, you
can feel
at least a little safer.
Hmmm... good idea. Maybe just tunnel through default ssh port on the
server, which is already using port knocking.
Thanks for the suggestion!
--
MailScanner is like deodorant...
You hope everybody uses it, and
you notice quickly if they don't!!!!
_______________________________________________
CentOS mailing list
CentOS@xxxxxxxxxx
http://lists.centos.org/mailman/listinfo/centos
----------
Mobile: +63 (917) 5357191, Office: +63 (2) 6312718
i4 Asia Incorporated - http://www.i4asiacorp.com/
_______________________________________________
CentOS mailing list
CentOS@xxxxxxxxxx
http://lists.centos.org/mailman/listinfo/centos
