Search found 20 matches
- Wed Jan 27, 2021 7:10 pm
- Forum: Nagios XI
- Topic: Nagios XI exploit
- Replies: 14
- Views: 714
Re: Nagios XI exploit
So what are my options then? Can I switch over to yum after it's already been installed via tarball?
- Tue Jan 26, 2021 4:49 pm
- Forum: Nagios XI
- Topic: Nagios XI exploit
- Replies: 14
- Views: 714
Re: Nagios XI exploit
I would have preferred to do it via yum, but in following the installation guide, I had to build it out with the tarball. Can I download the x-5.8.1.tar.gz and reinstall with the install script that way? Would that be safe?
- Tue Jan 26, 2021 10:43 am
- Forum: Nagios XI
- Topic: Nagios XI exploit
- Replies: 14
- Views: 714
Re: Nagios XI exploit
Does anyone have a checksum list for all of the files bundled in the nagiosxi 5.8.1 release? I'd like to compare mine to them, find any that might be different.
- Mon Jan 25, 2021 4:08 pm
- Forum: Nagios XI
- Topic: Nagios XI exploit
- Replies: 14
- Views: 714
Re: Nagios XI exploit
Actually, I think I do still have an issue. As I mentioned before, I have my Nagios server behind an AWS WAF, and I discovered that there were still some attacks going on, most of them failing to get past the WAF. However, when I started up for work this morning, I discovered that there was an attac...
- Fri Jan 22, 2021 3:20 pm
- Forum: Nagios XI
- Topic: Nagios XI exploit
- Replies: 14
- Views: 714
Re: Nagios XI exploit
connected: Let me be clear, since you apparently missed some of what I said before, it's not completely open. It is in AWS, sitting behind a load balancer, which has AWS's WAF enabled. There's 1,400 managed rules in place to block bad actors, which does catch plenty of stuff. It just unfortunately d...
- Fri Jan 22, 2021 1:00 pm
- Forum: Nagios XI
- Topic: Nagios XI exploit
- Replies: 14
- Views: 714
Re: Nagios XI exploit
Hi, thanks for the quick replies! some quick responses: pspagnola: -Unfortunately, the site needs to remain public (ease of access from mobile devices that receive alerts), and the logs show the attacker trying all of the pages, so blocking some of them may not work. -There were 2 attacks. The first...
- Fri Jan 22, 2021 8:37 am
- Forum: Nagios XI
- Topic: Nagios XI exploit
- Replies: 14
- Views: 714
Nagios XI exploit
hello, My AWS hosted Nagios server has been attacked a few times now, and I'm not quite sure how to prevent it. I was running 5.7.4 for the last few months (I just now upgraded to 5.8.1). The behavior I'm seeing resembles CVE-2020-15901, but that was supposed to have been closed in 5.7.2. Here's a s...
- Fri Jan 22, 2021 7:15 am
- Forum: Nagios XI
- Topic: Transition from CentOS 6 to CentOS 8
- Replies: 2
- Views: 75
Re: Transition from CentOS 6 to CentOS 8
I don't have any info on the actual upgrade process, but I wanted to point out that CentOS 8 is in dispute with Redhat now... they're cutting it short, and changing it to be their beta test platform, rather than their binary equivalent downstream. Announcement was made in Dec, and caused an immediat...
- Tue Oct 27, 2020 9:41 am
- Forum: Nagios XI
- Topic: SMS as an escalation?
- Replies: 1
- Views: 32
SMS as an escalation?
Hello, I'm just starting to explore using SMS in NagiosXI. I've made sure all of my checks are utilizing the phpMailer, I've done basic configuration on my own account for my cellphone (added number, confirmed text, enabled specific types of alerts). How can I set up SMS to be an escalation method, ...
- Tue Oct 13, 2020 1:48 pm
- Forum: Nagios XI
- Topic: Timeperiod utilizing different Timezone
- Replies: 3
- Views: 45
Re: Timeperiod utilizing different Timezone
I'd love to see this functionality implemented; and I can't be the only person who has a need along these lines... I feel like anyone whose company is geographically diverse would benefit. So, yeah, please do submit a feature request. Thanks!