Nagios Support Forum

yeah any input anyone has would be helpful lol. on my test machine, during the wireshark capture when I filter it with ip.dst == nagios ip I get HTTP Protocol packets that are sent in plain text. I don't get any HTTP Protocol packets when I run the same test in my VM.
heres the cleartext: and heres what it looks like from the VM: Anyone know why there are HTTP requests in one yet not the other when the same test is ran? Makes no sense...

I don't get any HTTP Protocol packets when I run the same test in my VM.

Can you elaborate? I am not sure I understand how you are testing this. If SSL is disabled in the nsclient.ini, the "check_nrpe" check, run from the XI box will fail...

Hi,

Sorry. The two screen shots above are both with enable_ssl=1
The top screenshot (green) is hitting the machine im currently using with a alias_cpu check. Under the Protocol column, there are a few HTTP packets that, when I click on them, populate the clear text check_nrpe command. And the HTTP packet below that, when I click on that I see the host returning the current CPU status in clear text.

But when I run the same check with a VM that I just spun up (bottom screenshot) I don't see any HTTP packets and every packet I click on is garbled.

So, I believe it is working in the VM, which is a brand new image. But the machine I am currently using has had the same image since October. I was just wondering if maybe I had installed something on here that is conflicting with the check_nrpe command or the nsclient.
I was thinking that maybe some sort of web serving software was running on this old machine that might be conflicting with the ssl option. Thought I would throw my train of thought out there and see if anyone has experienced the same problem.

If it is a web server/service type issue, that is kind of going to be a big deal for us as I am just testing on a win 7 machine now but we have plans to use nsclient with our server, ,ost of which are web. Thought I would inquire.

Thanks

bbailey6 wrote:I thought NSCA was only the client sending passive checks? I'll look into it a bit more.
I was really trying to get the Windows agent working just like the Linux one so we could be streamlined across all our servers.

I don't mean to totally derail this thread - but the problem is that nsclient is - well all over the board. As you've noticed the developer is slow to respond to a lot of queries and the documentation is cryptic at best. Admittedly a lot of the problems with security come back to Nagios and the origina implementation of NRPE, but that among other reasons is why NCPA is the new direction. NCPA was designed to be secure from the start - everything is transferred over https. Also regarding your concern of having a flat configuration - CP stands for Cross Platform. The ultimate goal is that this is *it* for plugins and we can quit with the acronmym soup.

No doubt NCPA is still to some degree in its infancy, but it is in wide production and we just recently released a new stable version.

If you can't get this very confusing behavior (I agree it is confusing and am surprised check_nrpe is working at all on your machine that is returning cleartext results) sorted it might be time to take a serious look at NCPA.

Now that I'm done derailing the actual topic - I'm sorry I don't have any great insight on why you're seeing what you're seeing. There are some known problems with the NRPE implementation of SSL, but none that I know of that would exhibit the behavior you're seeing. Hopefully the nsclient++ dev (community) can help.

ok. sorry bout all this. ill check out ncpa.
feel free to close the ticket