[gentoo-user] SNMP Security

[gentoo-user] SNMP Security

[Michael Crute]

I am using Cacti on a firewalled production server to do all manner of
system monitoring and metrics. I would also like to setup SNMP on my
development servers that sits behind a firewall at a different data
center. Is there a way that I can securely allow SNMP access to my
development boxen from the production box. The end result I am looking
for is the ability to log in to a single instance of cacti and have
access to all of my servers all over the world. Is this possible to do
securely? Any recommendations?

-Mike

-- 
________________________________
Michael E. Crute
http://mike.crute.org

God put me on this earth to accomplish a certain number of things.
Right now I am so far behind that I will never die. --Bill Watterson
-- 
gentoo-user@gentoo.org mailing list

[gentoo-user] Re: SNMP Security

[James]

Michael Crute <mcrute <at> gmail.com> writes:


> I am using Cacti on a firewalled production server to do all manner of
> system monitoring and metrics. I would also like to setup SNMP on my
> development servers that sits behind a firewall at a different data
> center. Is there a way that I can securely allow SNMP access to my
> development boxen from the production box. The end result I am looking
> for is the ability to log in to a single instance of cacti and have
> access to all of my servers all over the world. Is this possible to do
> securely? Any recommendations?

Hello Mike,

JFFNMS is a NMS with many,many more features than cacti.
www.jffnms.org
The user group is quite astute and very willing to help.
JFFNMS is very customizable and folks are adding support
for UPSesa and all sorts of ethernet based equipment on 
a very frequent basis. The archives are wonderful.
Support for SNMP 1/2/3 is a key part of JFFNMS. Several
of the JFFNMS devs know more about SNMP that anyone I've
encountered.... (YMMV)

There are 2 ebuilds for jffnms on gentoo:
net-analyzer/jffnms
     Available versions:  0.8.2 0.8.3
     Installed:           none
     Homepage:            http://www.jffnms.org/
     Description:         Network Management and Monitoring System.


0.8.2 is broken due many changes with gentoo.

0.8.3 has a few flag issues that can be worked thru manually. Do post
what you do with the flags listed in:
/usr/portage/net-analyzer/jffnms/jffnms-0.8.3.ebuild 
to bugzilla, so the devs can finalize what they are going to 
do with the flag options.

Drop me some email...

I do not think that JFFNMS is SElinux friendly, yet.


James




-- 
gentoo-user@gentoo.org mailing list

Re: [gentoo-user] Re: SNMP Security

[Michael Crute]

On 10/30/06, James <wireless@tampabay.rr.com> wrote:
> Michael Crute <mcrute <at> gmail.com> writes:
>
>
> > I am using Cacti on a firewalled production server to do all manner of
> > system monitoring and metrics. I would also like to setup SNMP on my
> > development servers that sits behind a firewall at a different data
> > center. Is there a way that I can securely allow SNMP access to my
> > development boxen from the production box. The end result I am looking
> > for is the ability to log in to a single instance of cacti and have
> > access to all of my servers all over the world. Is this possible to do
> > securely? Any recommendations?
>
> Hello Mike,
>
> JFFNMS is a NMS with many,many more features than cacti.
> www.jffnms.org
<snip>
> James

Thanks for the suggestion James, I will have to check it out when I
get some time. Right now I'm stuck with cacti (I say stuck in the
nicest possible way) so I really need to figure out if SNMP is secure
enough to use across the internet.

-Mike

-- 
________________________________
Michael E. Crute
http://mike.crute.org

God put me on this earth to accomplish a certain number of things.
Right now I am so far behind that I will never die. --Bill Watterson
-- 
gentoo-user@gentoo.org mailing list