On 6/16/2010 8:44 AM, Whit Blauvelt wrote: > On Wed, Jun 16, 2010 at 08:01:26AM -0500, Les Mikesell wrote: > >> If have firewalling to protect from security issues, why not just run an older >> version of cacti? > > Sensible suggestion. One, it's not obvious where to find an older version. It's on sourceforge... If you expand the 'all files' list you can go back to 0.5 here: http://sourceforge.net/projects/cacti/files/ and you should be able to grab any revision you want with a subversion client, or browse them here: http://svn.cacti.net/viewvc/. If you want old Centos RPMs, try http://vault.centos.org. > Two, hours of attempting to get cacti to work have led me to be > underimpressed with the whole project. That's odd because other than the usual php version issues I've always considered cacti to be the easiest of the graphing tools to get working - but I haven't tried the most recent versions. > Three, we have good external > firewalling, and are a small enough shop not to worry about malicious > employees. But if an employee manages to get a virus on their Windows box > due to some new drive by zero day exploit, some viruses probe the LAN with > requests to check if known-vulerable web apps exist there (ahem, this has > happened to us, and I've seen the probes). While we could tighten internal > firewall rules more, bottom line is running known-insecure web apps on an5 > LAN isn't a brilliant idea, even if I did a few messages back indicate a > willingness to make that compromise. If you are willing to hack some ugly-looking xml files that specify the oids and time intervals you can probably make opennms work for you - and you might find its other features (thresholding, notifications, etc.) useful too. -- Les Mikesell lesmikesell at gmail.com