Firewall Wizards mailing list archives
Re: Web Server Monitoring
From: Paul Robertson <proberts () patriot net>
Date: Sun, 14 Sep 2003 12:45:35 -0400 (EDT)
On Fri, 12 Sep 2003, Tony Turner wrote:
We have several web servers that we support throughout the southeast. We usually use VNC. I have a few questions for you. How secure is VNC and what are some known security risks. What is the best way to monitor
It isn't, perhaps you should read the documentation which comes with VNC, which (at least last I cheked) had a section on how it wasn't secure. I believe the authors recommended running it over SSH tunnels.
these servers? have used large scale monitoring tools that create tickets whenever a server or a switch stops responding, but this was all on the same network. I am looking at a program called Networkview. This product gives me a GUI interface with all of my sites and let's me know which are up or down. It will also email me if something goes down. It seems that it works great locally, but I need something that I can use over the Internet. Networkview will ping these IP addresses, but most of these webservers are behind routers or firewalls that block ICMP. WIll SNMP work over the internet and is it really necessary to block ICMP. How hard is SNMP to set up and where do I start?
SNMP is a secuirty nightmare, and you really, really don't want to expose current implementations to the Internet at large. If you're worried about Web services, grab a page every few minutes, and alert on errors for that, there are plenty of tools to do so, and writing one isn't all that difficult either. While out-of-band monitoring is generally a good thing, it's only a good thing when the channel is private. If you're going to use a public channel, then do in-band monitoring, since you *have* to expose HTTP to the world anyway, using it to check the status isn't the increase in risk that trying to do some other protocol is. Paul ----------------------------------------------------------------------------- Paul D. Robertson "My statements in this message are personal opinions proberts () patriot net which may have no basis whatsoever in fact." probertson () trusecure com Director of Risk Assessment TruSecure Corporation _______________________________________________ firewall-wizards mailing list firewall-wizards () honor icsalabs com http://honor.icsalabs.com/mailman/listinfo/firewall-wizards
Current thread:
- Web Server Monitoring Tony Turner (Sep 14)
- Re: Web Server Monitoring Paul Robertson (Sep 14)
- Re: Web Server Monitoring Vladimir Parkhaev (Sep 14)
- Re: Web Server Monitoring Jim McAtee (Sep 14)