Hello Dear Community,
I am supervising a large network infrastructure (more than 400 equipments) with Nagios using the NCPA agent. And I really find it very useful. However, I still have some ambiguities about the micro execution of the checks performed by Nagios Server. So my questions are as follow:
1- When Nagios performs a CPU usage check (for example), what is the command that is executed, by who and where (which side client or server), is that the client who execute the command and then the Nagios-Server just recover the check result performed by the client OR that the Nagios-Server who execute a script in the Client side to have the result.
2- I have developed customized scripts, one of them is used on a windows machine (python script), its purpose is to verify if a licence of one of my softwares is up-to-date and that it's not expired. I want this information to be displayed on my Nagios Server interface as a service. I wanna know how Nagios-Server will perform this check.
3- If these commands are executed on the client-side ? what can we do to avoid remote execution (by a hacker) of such commands, especially that these commands are performed using arguments, so is there any possibility to get hacked using a code injection or similar attack ?
4- What did Nagios team do to avoid such known vulnerability ?
5- Still we talking about NRPE in a NCPA environment or not ? do I have to forget everything about NRPE since I am having NCPA agent ? I still have this confusion about NCPA and NRPE ?
Thank you so much for your help
PLUGINS_WITH_NCPA
Re: PLUGINS_WITH_NCPA
The checks that are built into the NCPA client are writen in Python. These checks are initiated either by a Nagios server(active check) or by the client and then sent to the Nagios server(passive). Custom scripts like you have created can be integrated with the NCPA client. I'd recommend these sources for more informatin:
https://support.nagios.com/kb/article/n ... a-722.html
https://assets.nagios.com/downloads/nag ... ndows.html
Both active and passive checks will communicate with the Nagios server using a secure(https) connection. Active checks require a shared token to exectue and passive checks only executing commands in a config file that only admins should be able to edit.
NRPE is a completely differnet protocol and agent.
Feel free to also look over the code at https://github.com/NagiosEnterprises/ncpa.
https://support.nagios.com/kb/article/n ... a-722.html
https://assets.nagios.com/downloads/nag ... ndows.html
Both active and passive checks will communicate with the Nagios server using a secure(https) connection. Active checks require a shared token to exectue and passive checks only executing commands in a config file that only admins should be able to edit.
NRPE is a completely differnet protocol and agent.
Feel free to also look over the code at https://github.com/NagiosEnterprises/ncpa.
As of May 25th, 2018, all communications with Nagios Enterprises and its employees are covered under our new Privacy Policy.