On Tue, Feb 10, 2009 at 10:06:39AM +0200, Neil Franken wrote:
I need to monitor several satellite sites with XyMon. These sites are
not available on our local LAN so I have to go via the internet. I am a
bit hesitant to open the ports etc since the information collected can
be used in foot printing the system. How would I go about securing the
service so that xymons information does not fall into the wrong hands?
For a solution now, OpenVPN would be my suggestion - it is very easy to
setup, uses standard OpenSSL encryption with digital certificates for
authentication, and has a nice price ($ 0,00). Plus you get a true VPN
connection to the server, so if need be you can SSH to the remote
servers through the VPN tunnel - or rdesktop, if they are Windows
servers.
In the slightly longer run, the Xymon clients will know how to use
an SSL-encrypted connection to the Xymon server. This is planned
for one of the releases that will show up over the coming months
(see my announcement from yesterday).
Regards,
Henrik