Dear Support,
Is it possibble somehow to disable following ciphers on port 5666 opened by Nagios Agent on windows?
ADH-DES-CBC3-SHA Kx=DH Au=None Enc=3DES-CBC(168) Mac=SHA1
EXP-ADH-DES-CBC-SHA Kx=DH(512) Au=None Enc=DES-CBC(40) Mac=SHA1 export
EXP-ADH-RC4-MD5 Kx=DH(512) Au=None Enc=RC4(40) Mac=MD5 export
ADH-DES-CBC-SHA Kx=DH Au=None Enc=DES-CBC(56) Mac=SHA1
Thanks in advance,
Zoltan
NSCLIENT+++ 0.3.9.328
Re: NSCLIENT+++ 0.3.9.328
NSClient++ is not developed or maintained by Nagios. I would recommend posting your question on the NSClient++ support site. Having said that, it is possible that you would need to upgrade your agent to a newer version - 0.3.9 is quite old. I believe in the latest versions of NSClient++ you could specify the "allowed ciphers" in the nsclient.ini:
I am not sure if you could do this in ver. 0.3.9 but I pretty much doubt it.
Code: Select all
[/settings/NSClient/server]
# ALLOWED CIPHERS
allowed ciphers=ALL:!ADH:!LOW:!EXP:!MD5:@STRENGTHBe sure to check out our Knowledgebase for helpful articles and solutions!
-
patalenszki.zoltan
- Posts: 40
- Joined: Tue Sep 13, 2016 9:16 am
Re: NSCLIENT+++ 0.3.9.328
It is the recommended version on your site: https://exchange.nagios.org/directory/A ... ++/details
I will ask my mangament not to extend our support contract. Most common answer is that "not supported by you". It is the waste of money.
Thanks,
Zoltan
I will ask my mangament not to extend our support contract. Most common answer is that "not supported by you". It is the waste of money.
Thanks,
Zoltan
Re: NSCLIENT+++ 0.3.9.328
Actually this is only the first time we have had to give this answer in any of the topics you have opened on this forum. The rest seem to have been resolved successfully. However, please note that we did provide more information than just "not supported". You are asking questions about third-party software, and we have provided advice to upgrade to a newer version (which is also included on the page you linked to). We also gave the configuration options you would need to set in order to achieve your desired state.patalenszki.zoltan wrote:Most common answer is that "not supported by you"
You might have missed that part of @lmiltchev's reply, so I will quote it below for reference:
Please let us know if you have additional questions.lmiltchev wrote:NSClient++ is not developed or maintained by Nagios. I would recommend posting your question on the NSClient++ support site. Having said that, it is possible that you would need to upgrade your agent to a newer version - 0.3.9 is quite old. I believe in the latest versions of NSClient++ you could specify the "allowed ciphers" in the nsclient.ini:I am not sure if you could do this in ver. 0.3.9 but I pretty much doubt it.Code: Select all
[/settings/NSClient/server] # ALLOWED CIPHERS allowed ciphers=ALL:!ADH:!LOW:!EXP:!MD5:@STRENGTH
Former Nagios employee
-
patalenszki.zoltan
- Posts: 40
- Joined: Tue Sep 13, 2016 9:16 am
Re: NSCLIENT+++ 0.3.9.328
Thank you for your support!
I will try to upgrade nsclient, in current version allowed_ciphers is not supported.
Best Regards,
Zoltán
I will try to upgrade nsclient, in current version allowed_ciphers is not supported.
Best Regards,
Zoltán
Re: NSCLIENT+++ 0.3.9.328
Do you want us to keep the thread open just in case or it is ok to lock it? Thank you!
Be sure to check out our Knowledgebase for helpful articles and solutions!