Nagios Support Forum

I have recently installed the Nagios Core 4.4.5 on OEL 7.

I am trying to migrate my Current Nagios(Which is installed on CentOS) to the above mentioned installation.

I have just installed Nagios and installed the ndo2db as well on the new server. Also installed the some pre-requisites for the monitoring the ESX Hosts data store.

But the Qualys Scan shows the Vulnerability
1) EOL Software PostgreSQL--- Can you please do let me if Nagios uses the this or not, If not can i remove this software from the server.
2) HTTP Trace/Track methods enabled
3) Web directories Listable Vulnerability

Also please do let me know how to remove the other vulnerabilities.

Regards
Amit

I just saw one post regarding converting the PostgreSQL to the mysql.

Is it same applicable for the Nagios core?

I hope that it will help us with removing the vulnerability as well.

https://support.nagios.com/kb/article/c ... i-560.html

ndoutils used mysql, so if you have postgresql installed if was from something else.

None of these advisories are Nagios related

Thnaks Scott for taking time out and giving the clarification.

So i will remove the Software PostgreSQL.

Also I will
Disable the HTTP Trace/Track methods.
Disable Web directories Listable

Hope it will not have any impact on the Nagios Server/Monitoring.

amitgupta19 wrote:Thnaks Scott for taking time out and giving the clarification.

So i will remove the Software PostgreSQL.

Also I will
Disable the HTTP Trace/Track methods.
Disable Web directories Listable

Hope it will not have any impact on the Nagios Server/Monitoring.

It should not at all

Do you have any idea how to disable the following:

HTTP Trace/Track methods enabled
Web directories Listable Vulnerability

amitgupta19 wrote:Do you have any idea how to disable the following:

HTTP Trace/Track methods enabled
Web directories Listable Vulnerability

No, that would likely be in the web server (httpd) documentation for your OS