Some of those are true... The Xymon server can tell the client to run something IF the client has been pre-configured for it. I've never seen a config that allowed sending code to the client (upgrades?) and I've been using Xymon and it's predecessor, Big Brother, since 2000.? Are you maybe referring to remote logfetch via ssh?
Out of the box, all of those "objections" for Xymon are true for Zabbix as well.
Zabbix needs a MySQL instance set up to make it run too.
Nagios is just plain "fussy" with the same objections to encryption and triple A.
I think we all know what happened when the "secure" labyrinth called Solarwinds was breached.
My point is that simple is good.? Simple is in your control.
Your point John?
On 6/8/21 12:17 PM, John Thurston wrote:
It is worth noting that out of the box:
A) the Xymon client <> server communication channel is unencrypted TCP B) there is neither authentication or authorization of that channel C) any client may send valid messages for any hostname D) the Xymon server may send arbitrary code to the client for execution
-- Do things because you should, not just because you can.
John Thurston??? 907-465-8591 John.Thurston at alaska.gov Department of Administration State of Alaska
On 6/8/2021 9:54 AM, Bruce Ferrell wrote:
The "worst", most technical thing I know about installing Xymon is building from source (my preferred method), but just about any modern Linux distro has binaries available.? The second "worst" thing is editing text files to configure it.? There have been configuration tools attempted, but to my knowledge, really gone nowhere.
Xymon mailing list Xymon at xymon.com http://lists.xymon.com/mailman/listinfo/xymon