On May 24, 2007, at 9:46 AM, Scott Silva wrote: > Dexter Ang spake the following on 5/23/2007 5:36 PM: >> Hi folks, >> >> I'm just wondering what is the recommended way of monitoring >> servers and >> networks remotely. My current setup is to install and configure cacti >> and nagios. I've set these up to require SSL. This way, I can >> easily go >> to them and login from wherever I am and monitor (almost) >> everything I >> need to monitor. >> >> The problem is that leaving cacti open was the most stupid thing I've >> done. After checking /var/log/httpd/error_log, I saw that someone >> exploited a cacti php file and the result was: > Have you tried something as simple as using ssh tunnels on obscure > ports and > not having the tools pointed to outward facing interfaces? > You can even use putty and xming on a windows machine and get in > that way. > If you keep your ssh secure and even only use key based logins, you > can feel > at least a little safer. Hmmm... good idea. Maybe just tunnel through default ssh port on the server, which is already using port knocking. Thanks for the suggestion! > > -- > > MailScanner is like deodorant... > You hope everybody uses it, and > you notice quickly if they don't!!!! > > _______________________________________________ > CentOS mailing list > CentOS at centos.org > http://lists.centos.org/mailman/listinfo/centos ---------- Mobile: +63 (917) 5357191, Office: +63 (2) 6312718 i4 Asia Incorporated - http://www.i4asiacorp.com/