CentOS – Nagios Hardening

Tags: centos, centos6, nagios, security

I've been trying to look into hardening Nagios (if there is such a thing…), but haven't found anything too definitive on what to do or guidance on what to even look at.

I'm wary of keeping Nagios running until I know more about its potential security vulnerabilities and how to best remove those vulnerabilities, or at least harden it so that it's less of a potential problem.

I currently have Nagios disabled, as far as I can tell, until I can find ways to harden it a bit. No Nagios processes are running, and I have run chkconfig nagios off.

My configuration is as follows:

  • CentOS 6.3 x64
  • Nagios Core 3.4.1

Here are the questions that I have:

  1. Is there anything else I need to check to make sure that Nagios is disabled?

  2. What are the possible security vulnerabilities with running Nagios in the default configuration?

  3. What are some steps that I can take to harden Nagios?

Best Answer

I found some tips in the Nagios documentation that deal specifically with security:

  1. Use a Dedicated Monitoring Box.
  2. Don't Run Nagios As Root.
  3. Lock Down The Check Result Directory.
  4. Lock Down The External Command File.
  5. Require Authentication In The CGIs.
  6. Implement Enhanced CGI Security Measures.
  7. Use Full Paths In Command Definitions.
  8. Hide Sensitive Information With $USERn$ Macros.
  9. Strip Dangerous Characters From Macros.
  10. Secure Access to Remote Agents.
  11. Secure Communication Channels.
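
As an added example (not part of the original answer and not code from the Nagios project), the following sketch audits configuration text against tips 2, 5, 7 and 9 from the list above. The directive names (nagios_user, use_authentication, illegal_macro_output_chars, command_line) are Nagios Core's own; the metacharacter baseline, the function names and the sample configuration are assumptions constructed for illustration.

```python
import re

# Assumed baseline of shell metacharacters to strip from macro output (tip 9).
SHELL_META = set("`~$&|'\"<>")

def parse_directives(text):
    """Return the key=value directives of a nagios.cfg / cgi.cfg style file."""
    out = {}
    for line in text.splitlines():
        line = line.strip()
        if line and not line.startswith("#") and "=" in line:
            key, value = line.split("=", 1)
            out[key.strip()] = value.strip()
    return out

def audit(main_cfg, cgi_cfg, object_cfg):
    """Check config text against tips 2, 5, 7 and 9; return a list of findings."""
    findings = []
    main, cgi = parse_directives(main_cfg), parse_directives(cgi_cfg)
    # Tip 2: the daemon should run as an unprivileged user.
    if main.get("nagios_user") in ("root", "0"):
        findings.append("nagios_user is root")
    # Tip 5: the CGIs must require an authenticated user.
    if cgi.get("use_authentication") != "1":
        findings.append("use_authentication is not 1")
    # Tip 9: report baseline characters absent from illegal_macro_output_chars.
    missing = SHELL_META - set(main.get("illegal_macro_output_chars", ""))
    if missing:
        findings.append("illegal_macro_output_chars lacks: " + "".join(sorted(missing)))
    # Tip 7: a command_line should start with "/" or a $USERn$ path macro.
    for m in re.finditer(r"^\s*command_line\s+(\S+)", object_cfg, re.M):
        if not re.match(r"(/|\$USER\d+\$/)", m.group(1)):
            findings.append("relative path in command_line: " + m.group(1))
    return findings

# Constructed sample configuration, not taken from a real host.
WEAK_MAIN = "nagios_user=root\nillegal_macro_output_chars=`~$&\n"
WEAK_CGI = "use_authentication=0\n"
WEAK_OBJ = "define command{\n  command_name check_ping\n  command_line check_ping -H $HOSTADDRESS$\n}\n"

if __name__ == "__main__":
    for finding in audit(WEAK_MAIN, WEAK_CGI, WEAK_OBJ):
        print("FINDING:", finding)
```

Tips 3 and 4 concern file-system permissions on the check result directory and the external command file, so they need a check on the host itself rather than on configuration text.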