Hi,
Point A can be fixed if you configure xymoncgimsg.cgi on the server. We have this in a password protected cgi-bin https location. We have curl and wget based drop-in replacement scripts for the native Xymon binary. The powershell windows clients also can use this to send data to the Xymon server.
So all data is encrypted and you need a username / password combo.
Stef
On 2021-06-08 21:28, Ralph M wrote:
I've been hoping for a fix for point A, encrypted communications, for some time.? At one time it was going to be rolled into the next release.
Ralph Mitchell
On Tue, Jun 8, 2021 at 3:17 PM John Thurston <john.thurston at alaska.gov <mailto:john.thurston at alaska.gov>> wrote:
It is worth noting that out of the box: A) the Xymon client <> server communication channel is unencrypted TCP B) there is neither authentication or authorization of that channel C) any client may send valid messages for any hostname D) the Xymon server may send arbitrary code to the client for execution -- Do things because you should, not just because you can. John Thurston? ? 907-465-8591 John.Thurston at alaska.gov <mailto:John.Thurston at alaska.gov> Department of Administration State of Alaska On 6/8/2021 9:54 AM, Bruce Ferrell wrote: > The "worst", most technical thing I know about installing Xymon is > building from source (my preferred method), but just about any modern > Linux distro has binaries available.? The second "worst" thing is > editing text files to configure it.? There have been configuration tools > attempted, but to my knowledge, really gone nowhere. _______________________________________________ Xymon mailing list Xymon at xymon.com <mailto:Xymon at xymon.com> http://lists.xymon.com/mailman/listinfo/xymon <http://lists.xymon.com/mailman/listinfo/xymon>
Xymon mailing list Xymon at xymon.com http://lists.xymon.com/mailman/listinfo/xymon