On Wed, 28 Apr 2010 11:23:06 -0300, Mario Andre Panza <rower.master at gmail.com> wrote:
Hi guys,
I was looking at the bbwin command line tool bbwincmd.exe help page and something really get me worried. There we have :
*Sending a drop bbwincmd.exe <bbdisplay>[:<port>] drop <hostname> [<testname>] Sending a hostname rename bbwincmd.exe <bbdisplay>[:<port>] rename <hostname> <newhostname> Sending a test rename bbwincmd.exe <bbdisplay>[:<port>] rename <hostname> <oldtestname> <newtestname Sending a download message. default download path is the filename requested it bbwincmd.exe <bbdisplay>[:<port>] download <hostname> <filename> [<path>]
*I've tried from an agent to drop a test and thanks God doesn't work. I've tried from a linux xymon-client and thanks God again didin't work too. I don't know why this is in the documentation , but my question is why this kind of administration commands are available at the agents? In my opinion this is not a good idea. If one day this kind of thing work, how we can avoid the server to execute this? Is there something in the configuration?
Regards,
Mario.
Hi,
I never tried to drop data from bbwin, but from bb command on Linux, I can do it. The only way I found to block it, until a new Xymon version including auth is released, is to use firewall rules to filter hosts allowed to contact Xymon server on port 1984 (default one)