On Wed, 28 Apr 2010 11:23:06 -0300, Mario Andre Panza
<user-82c7780661a4@xymon.invalid> wrote:
Hi guys,
I was looking at the bbwin command line tool bbwincmd.exe help page and
something really get me worried.
There we have :
*Sending a drop
bbwincmd.exe <bbdisplay>[:<port>] drop <hostname> [<testname>]
Sending a hostname rename
bbwincmd.exe <bbdisplay>[:<port>] rename <hostname> <newhostname>
Sending a test rename
bbwincmd.exe <bbdisplay>[:<port>] rename <hostname> <oldtestname>
<newtestname
Sending a download message. default download path is the filename
requested
it
bbwincmd.exe <bbdisplay>[:<port>] download <hostname> <filename>
[<path>]
*I've tried from an agent to drop a test and thanks God doesn't work.
I've
tried from a linux xymon-client and thanks God again didin't work too.
I don't know why this is in the documentation , but my question is why
this
kind of administration commands are available at the agents?
In my opinion this is not a good idea.
If one day this kind of thing work, how we can avoid the server to
execute
this? Is there something in the configuration?
Regards,
Mario.
Hi,
I never tried to drop data from bbwin, but from bb command on Linux, I can
do it.
The only way I found to block it, until a new Xymon version including auth
is released, is to use firewall rules to filter hosts allowed to contact
Xymon server on port 1984 (default one)