I am running Nagios Core 4.4.5 on CentOS Linux release 7.7.1908 (Core). I have a specific question regarding TLS/SSL Cipher Suites vulnerability. Is there a way to detect any cipher suites vulnerability using Nagios Core Plugin and send alert notifications mentioning that the below cipher suites are weak reported by https://www.ssllabs.com/ssltest/ and https://testssl.sh/ testing tools.
For example below are the weak cipher suites reported
Weak Cipher Suites
Code: Select all
AES128-GCM-SHA256
AES128-SHA256
AES256-GCM-SHA384
AES256-SHA256
ECDHE-RSA-AES128-SHA256
ECDHE-RSA-AES256-SHA384Strong Cipher Suites
Code: Select all
ECDHE-ECDSA-AES128-GCM-SHA256
ECDHE-RSA-AES128-GCM-SHA256
ECDHE-ECDSA-AES128-SHA256
ECDHE-ECDSA-AES256-GCM-SHA384
ECDHE-RSA-AES256-GCM-SHA384
ECDHE-ECDSA-AES256-SHA384Code: Select all
/usr/local/nagios/bin/nagios -v /usr/local/nagios/etc/nagios.cfg
Nagios Core 4.4.5
Copyright (c) 2009-present Nagios Core Development Team and Community Contributors
Copyright (c) 1999-2009 Ethan Galstad
Last Modified: 2019-08-20
License: GPL
Website: https://www.nagios.org
Reading configuration data...
Read main config file okay...
Read object config files okay...
Running pre-flight check on configuration data...
Checking objects...
Checked 285 services.
Checked 30 hosts.
Checked 1 host groups.
Checked 0 service groups.
Checked 22 contacts.
Checked 9 contact groups.
Checked 39 commands.
Checked 5 time periods.
Checked 0 host escalations.
Checked 0 service escalations.
Checking for circular paths...
Checked 30 hosts
Checked 0 service dependencies
Checked 0 host dependencies
Checked 5 timeperiods
Checking global event handlers...
Checking obsessive compulsive processor commands...
Checking misc settings...
Total Warnings: 0
Total Errors: 0
Things look okay - No serious problems were detected during the pre-flight checkBest Regards,
Kaushal
