[Nagiosplug-devel] Re : Iptables, snort, acid, clamav, nessus, osiris

Jason Reynolds jason at newio.org
Mon Mar 2 14:05:57 CET 2009


You can jail the nagios user the same way you can jail
any other username.  If you're going to run a jailed system,
then apache and your other services should also be jailed.

On Mon, Mar 2, 2009 at 4:07 AM, hamouda <dimmumeister at gmail.com> wrote:

> yes I know about that but I'm trying to make it more secure and put
> the nagios user in a "jail" but I don't know how to do it.
> can u please tell me more about developping plugin for nagios to
> administrate iptables because I just found a check_iptables plugin to
> know the status of iptbales on a remote host.
> Right I'm going to develop a perl script to manipulate the iptables
> rules from the shell, then host the cgi script by an apache server to
> test it. And then I look forward to add it as a plugin to nagios.
> Is it doable??
> Thx :)
> Looking forward to your answer :)
>
> 2009/3/2, Ovidiu Marcu <Ovidiu.Marcu at tdn.de>:
> > Hi,
> >
> > You can give rights to user nagios from /etc/sudoers so you can do
> anything
> > with nagios ;)
> >
> >
> > Viele Grüße,
> >
> > ServiceDesk_TDN
> > Ovidiu Marcu
> >
> >
> > -----Original Message-----
> > From: hamouda [mailto:dimmumeister at gmail.com]
> > Sent: Sunday, March 01, 2009 11:53 PM
> > To: Ovidiu Marcu; nagiosplug-devel at lists.sourceforge.net
> > Subject: Re: [Nagiosplug-devel] Iptables,snort,acid,clamav,nessus,osiris
> >
> > I think that developping a plugin to setup iptables through nagios
> > can't be done because :
> > first : nagios runs as the user nagios which has not a root
> > privileges to modify iptables
> > second : the nagios plugins returns a significant code between 0 and 3
> > wich indicates the state of the service
> > third : nagios is meant to be for monitoring and nothing else.
> > any other ideas ?
> > Am I mistaken??
> > thx 4 replying
> >
> > 2009/3/1 hamouda <dimmumeister at gmail.com>:
> >> Thx 4 answering.
> >> If I manage developping any plugin I'll tell you about it :)
> >>
> >> 2009/3/1 Ovidiu Marcu <Ovidiu.Marcu at tdn.de>:
> >>> Hi,
> >>>
> >>> You can do a lot with nagios.
> >>> For example : I'm monitoring if the time is synchronized on  servers,
> and
> >>> if it is not, nagios automatically restarts ntpd on the server that is
> >>> not in sync.
> >>> I've learned how to do script by looking at other scripts made in perl,
> >>> and by learning perl by myself.
> >>> You can find plugins on the internet for almost everything.
> >>>
> >>>
> >>> Viele Grüße,
> >>>
> >>> ServiceDesk_TDN
> >>> Ovidiu Marcu
> >>>
> >>> -----Original Message-----
> >>> From: hamouda [mailto:dimmumeister at gmail.com]
> >>> Sent: Sunday, March 01, 2009 1:10 AM
> >>> To: Ovidiu Marcu
> >>> Subject: Re: [Nagiosplug-devel]
> Iptables,snort,acid,clamav,nessus,osiris
> >>>
> >>> I know that it is used for monitoring stuff but I'm wondering if I can
> >>> use it for administration by developping my own scripts.
> >>> any idea??
> >>>
> >>> 2009/2/28 Ovidiu Marcu <Ovidiu.Marcu at tdn.de>:
> >>>> Hi,
> >>>>
> >>>> Nagios is used for monitoring stuff :)
> >>>> I usually monitor the logs, or if there are changes in the
> >>>> configurations.
> >>>> To check small configuration changes, I usually make my own scripts in
> >>>> perl.
> >>>>
> >>>> Viele Grüße,
> >>>>
> >>>> ServiceDesk_TDN
> >>>> Ovidiu Marcu
> >>>>
> >>>>
> >>>> -----Original Message-----
> >>>> From: hamouda [mailto:dimmumeister at gmail.com]
> >>>> Sent: Saturday, February 28, 2009 10:13 AM
> >>>> To: nagiosplug-devel at lists.sourceforge.net
> >>>> Subject: [Nagiosplug-devel] Iptables,snort,acid,clamav,nessus,osiris
> >>>>
> >>>> Hi everyone, I am a newbie in the nagios world and I'm trying to
> >>>> develop plugins for nagios to administrate
> >>>> iptables,snort,acid,clamav,nessus and osiris.
> >>>> Have anyone already tried doing this or have anyone any idea if what
> >>>> I'm trying to do is doable??
> >>>> Any tutorials for plugin developping ??
> >>>> Thx for answering :)
> >>>> --
> >>>> being selfish won't help you progressing, learn & share that's the
> >>>> point. Give a hand in the forums to help the others & urself;
> >>>> http://www.fedora-tunisia.org/
> >>>> http://forums.fedora-fr.org/
> >>>> http://fedora.kiewel-online.de/repoview/linux/releases/7/
> >>>>
> >>>>
> ------------------------------------------------------------------------------
> >>>> Open Source Business Conference (OSBC), March 24-25, 2009, San
> >>>> Francisco, CA
> >>>> -OSBC tackles the biggest issue in open source: Open Sourcing the
> >>>> Enterprise
> >>>> -Strategies to boost innovation and cut costs with open source
> >>>> participation
> >>>> -Receive a $600 discount off the registration fee with the source
> code:
> >>>> SFAD
> >>>> http://p.sf.net/sfu/XcvMzF8H
> >>>> _______________________________________________________
> >>>> Nagios Plugin Development Mailing List
> >>>> Nagiosplug-devel at lists.sourceforge.net
> >>>> Unsubscribe at
> >>>> https://lists.sourceforge.net/lists/listinfo/nagiosplug-devel
> >>>> ::: Please include plugins version (-v) and OS when reporting any
> issue.
> >>>> ::: Messages without supporting info will risk being sent to /dev/null
> >>>>
> >>>
> >>>
> >>>
> >>> --
> >>> being selfish won't help you progressing, learn & share that's the
> >>> point. Give a hand in the forums to help the others & urself;
> >>> http://www.fedora-tunisia.org/
> >>> http://forums.fedora-fr.org/
> >>> http://fedora.kiewel-online.de/repoview/linux/releases/7/
> >>>
> >>
> >>
> >>
> >> --
> >> being selfish won't help you progressing, learn & share that's the
> >> point. Give a hand in the forums to help the others & urself;
> >> http://www.fedora-tunisia.org/
> >> http://forums.fedora-fr.org/
> >> http://fedora.kiewel-online.de/repoview/linux/releases/7/
> >>
> >
> >
> >
> > --
> > being selfish won't help you progressing, learn & share that's the
> > point. Give a hand in the forums to help the others & urself;
> > http://www.fedora-tunisia.org/
> > http://forums.fedora-fr.org/
> > http://fedora.kiewel-online.de/repoview/linux/releases/7/
> >
>
>
> --
> being selfish won't help you progressing, learn & share that's the
> point. Give a hand in the forums to help the others & urself;
> http://www.fedora-tunisia.org/
> http://forums.fedora-fr.org/
> http://fedora.kiewel-online.de/repoview/linux/releases/7/
>
>
> ------------------------------------------------------------------------------
> Open Source Business Conference (OSBC), March 24-25, 2009, San Francisco,
> CA
> -OSBC tackles the biggest issue in open source: Open Sourcing the
> Enterprise
> -Strategies to boost innovation and cut costs with open source
> participation
> -Receive a $600 discount off the registration fee with the source code:
> SFAD
> http://p.sf.net/sfu/XcvMzF8H
> _______________________________________________________
> Nagios Plugin Development Mailing List
> Nagiosplug-devel at lists.sourceforge.net
> Unsubscribe at
> https://lists.sourceforge.net/lists/listinfo/nagiosplug-devel
> ::: Please include plugins version (-v) and OS when reporting any issue.
> ::: Messages without supporting info will risk being sent to /dev/null
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://www.monitoring-plugins.org/archive/devel/attachments/20090302/e3f90bcc/attachment.html>


More information about the Devel mailing list