Nagios Support Forum

Appreciate it. There hasn't been any new replies from your side. For me this is enough for me to construct the doc for our customer. You can close this thread if you like. Thank you again!

With the understanding that these are not quality-assured, tested statements and should not be taken as such , and that *emphasis* is used: Thank you for your input. Yes I will make sure to repeat the above statement again so there is no doubt. The understanding is any statements you (and other nag...

Tried to pare it down as much as possible. Here goes, any responses appreciated 1) Is it okay to disable the user accounts uucp, psotfix, ftp, mail, lp? 2) Any issues with locking down user accounts with password restrictions (e.g. password shall be a min of 6 chars) 3) In the /etc/ssh/sshd_config f...

At this point I need to mention that while we are glad to help with specific questions, reviewing a 29-page document and doing a line-item response for each section is well out of scope for this forum, and is tiptoeing on consultation work. Okay thank you for that answer. Any idea how much it would...

It looks like a fairly basic hardening guide, the problem is it entirely depends on how you have your environment set up and interact with your Nagios Core VM and what checks you are performing on the Nagios Core VM. Yes my impression is that it is a fairly standard hardening doc. I unfortunately d...

Alright, many things are covered in this doc. It looks good on face, but many of these suggestions are environment and configuration dependent. Has your security or ops teams looked this? Do you have any questions about specific items from the doc? Unfortunately not a question on a specific item, i...

part 3.
thanks!

The entire doc with snapshots too large, it is in three parts

Thanks!

Hello - Can I attach or post the hardening guide sent to me and have someone look through it and give me their recommendations? I understand that your recommendations of the hardening guide will not be run through any QA cycle of any sort and it is to our risk to test it and rollback. That being sai...

Hi, I will be going through the links today and tomorrow. Can I keep it open in case I have further questions?

We should be able to lock it as resolved by next Tuesday at the latest, hopefully earlier

Is this okay?