Nagios Support Forum

Hi Team,

We are using Nagios core 3.5.x version with nsclient 0.3.x installed on the client.

We are planning to upgrade the nsclient from 0.3.x to 0.4.x. Before that we want few thing to clarify

1. Is the nsclient 0.4.x still compatible with our nagios core 3.x that we are using ?
2. what sort of issues we will face after the upgradation, will we loose any monitoring?
3. Is there any security bug will it fix??

Kindly share your thoughts to help us on this.

Thanks in Advance,
Vivek

rohithroki wrote: 1. Is the nsclient 0.4.x still compatible with our nagios core 3.x that we are using ?
2. what sort of issues we will face after the upgradation, will we loose any monitoring?

It depends on your versions of the check_nt / check_nrpe plugins more than anything else because those are what will break if anything does. Nagios Core 3.x will keep doing it's thing, though.

It's also worth mentioning that NSClient++ 0.4 has some substantial changes from 0.3 to internal command names and the accepted parameters of those commands. You may need to change your Nagios Core service definitions depending on what their check_command is. You may also need to change your NSClient++ configuration file to accommodate new/changing configuration directives.

I don't know your organization, but if we're talking a few thousand services/hosts affected it might be worth considering biting the bullet and switching to NCPA for your agent(s).

rohithroki wrote:3. Is there any security bug will it fix??

Since NSClient++ follows semantic versioning (sort of, anyway), it would depend on the X of your 0.3.X version as well as your 0.4.X version. Here's the full change log:
https://github.com/mickem/nscp/blob/master/changelog

Though I would imagine if you're upgrading to the latest stable 0.4 version, it would definitely include a few security/bug fixes since the last stable 0.3.

Hello Macpra,

Thanks for the reply.

If we go for upgrading the nsclient 0.4x ,whether the following security vulnerability on port 5666 will be fixed on windows servers?
--- TLS/SSL Server Supports DES and IDEA Cipher Suites
--- TLS/SSL Server is enabling the POODLE attack
--- TLS/SSL Server Supports SSLv3
--- TLS/SSL Server Supports Anonymous Cipher Suites with no Key Authentication
--- OpenSSL SSL/TLS MITM vulnerability
--- TLS/SSL Server Supports Export Cipher Algorithms
--- TLS/SSL Server Supports RC4 Cipher Algorithms
--- TLS/SSL Birthday attacks on 64-bit block ciphers (SWEET32)

If not, what is the precaution to fix the vulnerability?

can we replace NCPA agent for windows servers to fix the security vulnerability.

Please suggest on this.

Thanks
Simbu

I'll link @dwhitfield's reply:
https://support.nagios.com/forum/viewto ... 83#p242652

Asking the same question in multiple threads won't get a faster resolution.

rohithroki wrote:can we replace NCPA agent for windows servers to fix the security vulnerability.

Knowing absolutely nothing about the scan's criteria or methods, I cannot say. However, I can vouch that the maintainers of NCPA are very responsive on GitHub regarding security issues and bugs:
https://github.com/NagiosEnterprises/ncpa

rohithroki wrote: can we replace NCPA agent for windows servers to fix the security vulnerability.

Although we are not currently aware of any security vulnerabilities in NCPA, your security scan might come up with some. Since NCPA and NSClient share zero code (written in different languages), it should certainly remove the NSClient vulnerabilities. If you find some in NCPA, we would love to get those fixed.

Hi dwhitfield,

Thanks for the reply.

We are currently working on the testing phase of deploying NCPA.we have followed the installation procedure to deploy NCPA agent active check https://support.nagios.com/kb/article/n ... e-521.html on Nagios core 3.5.0 and set the token as per the procedure.

I have copied the check_ncpa.py under /usr/local/nagios/libexec and created the check command in nconf called check_ncpa with the arguments $USER1$/check_ncpa -H $HOSTADDRESS$ -p 5693 -v $ARG1$ $ARG2$ -u same like check_nt

On windows side,I have installed the NCPA agent and specify the token created in nagios server . I have created the service in Nconf (c drive alert) by using check command check_ncpa and added to the host.

The error I get the status information as " Null " in Nagios Monitoring console.

Please help us on this to go further and check whether the procedure I have done is correct or need to change.

Note: All the commands ( hosts,services,check commands) are declared via Nconf in Nagios server.

Cheers,
Simbu

rohithroki wrote:
Note: All the commands ( hosts,services,check commands) are declared via Nconf in Nagios server.

Please send those for review.

Hello ,

Thanks for the reply.

I have attached the document in detailed steps for the review.Please let me know the changes to proceed further.

Cheers,
Simbu

Hello dwhitfield,

Any updates on this thread.Waiting for your reply.

Cheers,
Simbu

If you'd like quicker support, I'd suggest becoming a customer: https://www.nagios.com/services/nagios- ... ort-plans/

If you are already a customer, then you should be posting in the customer forums: https://support.nagios.com/forum/viewforum.php?f=18

In the future, if you'd like to help us help you faster, please don't attach word documents, but type directly into the forum software (or type where you like and copy/paste).

We did not write, nor do we support nconf. You may end up needing to go to them for support.

That all said, it doesn't look like you are following the syntax laid out in https://support.nagios.com/kb/article/n ... a-722.html

Before the 5693 there should be a -P, but you have a -p. You need to make sure the arguments are formatted properly too, which is why I asked for the config files. Are you able to attach the config files nconf is creating?