NRPE safe over public IP

Engage with the community of users including those using the open source solutions.
Includes Nagios Core, Plugins, and NCPA

NRPE safe over public IP

Postby brian.bbc » Thu Aug 05, 2021 12:13 pm

Hello,
I just started managing our Nagios server which hasn't been updated in some time. I noticed that several of the servers are being queried over NRPE and referenced by their public IP address. Is this a security risk? We do have firewall rules set up to lock down connections and allow only for specific IP addresses but I am concerned about what information may be transmitted across the internet.
brian.bbc
 
Posts: 1
Joined: Thu Aug 05, 2021 12:09 pm

Re: NRPE safe over public IP

Postby pbroste » Mon Aug 09, 2021 4:57 pm

Hello @brian.bbc

Thanks for reaching out. There are pros and cons of monitoring off of WAN where everybody can snoop. The good thing is that NRPE only uses one port for monitoring and only needs that one port open for monitoring. If you are concerned about the security aspects of monitoring over WAN, you could configure over ssh.

Thanks,
Perry
User avatar
pbroste
 
Posts: 722
Joined: Tue Jun 01, 2021 1:27 pm

Re: NRPE safe over public IP

Postby mcapra » Tue Aug 10, 2021 9:46 am

brian.bbc wrote:I noticed that several of the servers are being queried over NRPE and referenced by their public IP address. Is this a security risk?


It's not good practice to have any "monitoring stuff" be public facing, regardless of whether that's NRPE or NCPA or a Prometheus exporter or a Telegraf agent. From the perspective of a malicious actor It's at least a useful recon tool, and at best an attack surface.

Assuming your org has solid change control processes around this firewall:

brian.bbc wrote:We do have firewall rules set up to lock down connections and allow only for specific IP addresses


You should be fine.
Former Nagios employee
https://www.mcapra.com/
User avatar
mcapra
 
Posts: 3729
Joined: Thu May 05, 2016 3:54 pm


Return to Community Support

Who is online

Users browsing this forum: No registered users and 13 guests