[CentOS] Re: Suggested way to remotely monitor servers and networks these days?

Thu May 24 02:57:51 UTC 2007
Dexter Ang <thepoch at gmail.com>

On May 24, 2007, at 9:46 AM, Scott Silva wrote:

> Dexter Ang spake the following on 5/23/2007 5:36 PM:
>> Hi folks,
>>
>> I'm just wondering what is the recommended way of monitoring  
>> servers and
>> networks remotely. My current setup is to install and configure cacti
>> and nagios. I've set these up to require SSL. This way, I can  
>> easily go
>> to them and login from wherever I am and monitor (almost)  
>> everything I
>> need to monitor.
>>
>> The problem is that leaving cacti open was the most stupid thing I've
>> done. After checking /var/log/httpd/error_log, I saw that someone
>> exploited a cacti php file and the result was:
> Have you tried something as simple as using ssh tunnels on obscure  
> ports and
> not having the tools pointed to outward facing interfaces?
> You can even use putty and xming on a windows machine and get in  
> that way.
> If you keep your ssh secure and even only use key based logins, you  
> can feel
> at least a little safer.

Hmmm... good idea. Maybe just tunnel through default ssh port on the  
server, which is already using port knocking.

Thanks for the suggestion!

>
> -- 
>
> MailScanner is like deodorant...
> You hope everybody uses it, and
> you notice quickly if they don't!!!!
>
> _______________________________________________
> CentOS mailing list
> CentOS at centos.org
> http://lists.centos.org/mailman/listinfo/centos

----------
Mobile: +63 (917) 5357191, Office: +63 (2) 6312718
i4 Asia Incorporated - http://www.i4asiacorp.com/