Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

ToB13 - Nagios Reverse Tunneling Scripts #3524

Closed
steelhead31 opened this issue Apr 19, 2024 · 0 comments · Fixed by #3526
Closed

ToB13 - Nagios Reverse Tunneling Scripts #3524

steelhead31 opened this issue Apr 19, 2024 · 0 comments · Fixed by #3526
Assignees
@steelhead31
Labels
Nagios Nagios monitoring issues security

Comments

@steelhead31
Copy link
Contributor

steelhead31 commented Apr 19, 2024
edited

Fix the issue detailed in the trail of bits audit, re:

SSH clients maintain a list of known-good hosts they have connected to before. Host key verification is then used to prevent man-in-the-middle (MitM) attacks. The current method using a reverse tunnel to create the nagios configuration file, is insecure.

Following the security audit, the reverse tunnel scripts were deemed to be a security risk, vulnerable to man in the middle attacks. The creation of the nagios server specific config files, has already been migrated to the Nagios_Config playbook, and a new issue has been created for a new / amended playbook to configure the ssh connection. ( See #3525 )
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@steelhead31 steelhead31

Labels
Nagios Nagios monitoring issues security
Projects
2024 2Q Adoptium Plan
Status: Done
Milestone
No milestone
Development

Successfully merging a pull request may close this issue.

UnixPB: Remove Nagios Tunnel Scripts For Improved Security steelhead31/infrastructure
1 participant
@steelhead31