RE: Netsaint
Netsaint is actually pretty extensible, if you do a bit of lateral thinking.
I implemented it for all of the linux boxes at an isp I was working at about
a year ago. However I wasnt particularly happy with the way it implemented
remote agents, iirc it used a perl script with sockets to access them.
Instead I created a netsaint user acct, installed the agents in the libexec
dir and setup ssh keys so password authentication was eliminated. In the
config files you can edit the commandline to something like "ssh -q <host>
<agent command>", the -q commandline switch is important as it fools
netsaint into thinking the agent is local. Netsaint is after all a glorified
regex.
I hope this helps
James Unitt
-----Original Message-----
From: johanj [mailto:johanj]On Behalf Of Johan Jacobsson
Sent: 28 February 2002 14:55
To: debian-security@lists.debian.org
Subject: Netsaint
Hello!
I am using netsaint_statd on a debian machine and I would like to know
what I am doing, eg what security holes may this create?
As I understand it, the netsaint_statd deamon makes it possible to
extract information about CPU load, disk usage, memory load etc.
Is this a security problem?
Has anyone heard about security holes in netsaint_statd 2.13? The web
page maintaining it is not so informative...
/Johan Jacobsson
--
To UNSUBSCRIBE, email to debian-security-request@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact
listmaster@lists.debian.org
Reply to:
- References:
- Netsaint
- From: Johan Jacobsson <johan.jacobsson@koppla.com>