NRPE_Security

y-badrou · Post by **y-badrou** » Fri Aug 21, 2020 2:14 am

Hi,

Until now, I really want to know what are security vulnerabilities related to NRPE ? What do I have to do to prevent and avoid those vulnerabilities ?

Thank you

jbrunkow · Post by **jbrunkow** » Fri Aug 21, 2020 3:34 pm

Hello @y-badrou!

Welcome to the forum.

This is a fairly broad topic, but I will do the best I can. The exact security procedures you follow should be defined by your information security team. The best policies may vary depending on how your environment is set up and what compliance regulation your industry is subject to.

There was one vulnerability reported for NRPE, but it is only present if the administrator enables dont_blame_nrpe in the nrpe.conf and has since been fixed.
CVE 2014-2913

Your first defense should be to put your systems behind a strong firewall. If you are not able to do that, make sure the connections between devices is encrypted. If you need this system to be super secure for some reason, you could even setup Nagios offline.

I hope that helps! Let me know if I can answer any more specific questions.

y-badrou · Post by **y-badrou** » Wed Aug 26, 2020 1:49 am

Thank you so much for your answer

scottwilkerson · Post by **scottwilkerson** » Wed Aug 26, 2020 7:01 am

y-badrou wrote:Thank you so much for your answer

No problem

Locking thread

Nagios Support Forum

NRPE_Security

NRPE_Security

Re: NRPE_Security

Re: NRPE_Security

Re: NRPE_Security