PLUGINS_WITH_NCPA
Posted: Mon Jul 20, 2020 8:51 am
Hello Dear Community,
I am supervising a large network infrastructure (more than 400 equipments) with Nagios using the NCPA agent. And I really find it very useful. However, I still have some ambiguities about the micro execution of the checks performed by Nagios Server. So my questions are as follow:
1- When Nagios performs a CPU usage check (for example), what is the command that is executed, by who and where (which side client or server), is that the client who execute the command and then the Nagios-Server just recover the check result performed by the client OR that the Nagios-Server who execute a script in the Client side to have the result.
2- I have developed customized scripts, one of them is used on a windows machine (python script), its purpose is to verify if a licence of one of my softwares is up-to-date and that it's not expired. I want this information to be displayed on my Nagios Server interface as a service. I wanna know how Nagios-Server will perform this check.
3- If these commands are executed on the client-side ? what can we do to avoid remote execution (by a hacker) of such commands, especially that these commands are performed using arguments, so is there any possibility to get hacked using a code injection or similar attack ?
4- What did Nagios team do to avoid such known vulnerability ?
5- Still we talking about NRPE in a NCPA environment or not ? do I have to forget everything about NRPE since I am having NCPA agent ? I still have this confusion about NCPA and NRPE ?
Thank you so much for your help
I am supervising a large network infrastructure (more than 400 equipments) with Nagios using the NCPA agent. And I really find it very useful. However, I still have some ambiguities about the micro execution of the checks performed by Nagios Server. So my questions are as follow:
1- When Nagios performs a CPU usage check (for example), what is the command that is executed, by who and where (which side client or server), is that the client who execute the command and then the Nagios-Server just recover the check result performed by the client OR that the Nagios-Server who execute a script in the Client side to have the result.
2- I have developed customized scripts, one of them is used on a windows machine (python script), its purpose is to verify if a licence of one of my softwares is up-to-date and that it's not expired. I want this information to be displayed on my Nagios Server interface as a service. I wanna know how Nagios-Server will perform this check.
3- If these commands are executed on the client-side ? what can we do to avoid remote execution (by a hacker) of such commands, especially that these commands are performed using arguments, so is there any possibility to get hacked using a code injection or similar attack ?
4- What did Nagios team do to avoid such known vulnerability ?
5- Still we talking about NRPE in a NCPA environment or not ? do I have to forget everything about NRPE since I am having NCPA agent ? I still have this confusion about NCPA and NRPE ?
Thank you so much for your help