Re: [Nagios-users] Configuration files obfuscation

2009-06-16 Thread Assaf Flatto 
On Tuesday 16 June 2009 15:53:11 edward baddouh wrote:
> Hi,
>
> is ther a way to obfuscate configuration files?
>
> edward


You want the files to be more confusing then they are now ???
the easiest way is not to give self explanatory names to the files / 
directories .

btw - i have a question about this ...

Why ??

Are you trying to make the work on the configuration worse for yourself ?




-- 
Assaf Flatto





IMPORTANT . this email and the information in it may be confidential, legally
privileged and/or protected by law. It is intended solely for the use of the
person to whom it is addressed. If you are not the intended recipient, please
notify the sender immediately and do not disclose the contents to any other
person, use it for any purpose, or store or copy the information in any medium.
Please also delete all copies of this email and any attachments from your
system.

We cannot guarantee the security or confidentiality of email communications. We
do not accept any liability for losses or damages that you may suffer as a
result of your receipt of this email including but not limited to computer
service or system failure, access delays or interruption, data non-delivery or
mis-delivery, computer viruses or other harmful components.

Copyright in this email and any attachments belong to Select Service Partner UK
Limited. Should you communicate with anyone at Select Service Partner UK 
Limited by
email, you consent to us monitoring and reading any such correspondence.

Nothing in this email shall be taken or read as suggesting, proposing or
relating to any agreement concerted practice or other practice that could
infringe UK or EC competition legislation.

Select Service Partner UK Limited is a company registered in England and Wales
(company number 05687183) whose registered office is at 1 The Heights, 
Brooklands, Weybridge. Surrey. KT13 0NY
 
 

--
Crystal Reports - New Free Runtime and 30 Day Trial
Check out the new simplified licensing option that enables unlimited
royalty-free distribution of the report engine for externally facing 
server and web deployment.
http://p.sf.net/sfu/businessobjects
___
Nagios-users mailing list
Nagios-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/nagios-users
::: Please include Nagios version, plugin version (-v) and OS when reporting 
any issue. 
::: Messages without supporting info will risk being sent to /dev/null

Re: [Nagios-users] Configuration files obfuscation

2009-06-16 Thread Marc Powell 

On Jun 16, 2009, at 10:53 AM, edward baddouh wrote:

> Hi,
>
> is ther a way to obfuscate configuration files?

obfuscate as in encrypt or otherwise make illegible if inspected -- no.

Filesystem permissions/SELinux are pretty much your only options.

--
Marc

--
Crystal Reports - New Free Runtime and 30 Day Trial
Check out the new simplified licensing option that enables unlimited
royalty-free distribution of the report engine for externally facing 
server and web deployment.
http://p.sf.net/sfu/businessobjects
___
Nagios-users mailing list
Nagios-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/nagios-users
::: Please include Nagios version, plugin version (-v) and OS when reporting 
any issue. 
::: Messages without supporting info will risk being sent to /dev/null

Re: [Nagios-users] Configuration files obfuscation

2009-06-16 Thread Mat W 

if the idea is for others not to see it... why not just ensure proper file 
ownership and limited permissions?

 

Assuming only Root and Nagios users can read the file... I'd think anyone that 
could become those users should be able to read them anyway.

-- 
Mat W. - http://www.techadre.com


 


Date: Tue, 16 Jun 2009 11:53:11 -0400
From: ebadd...@gmail.com
To: nagios-users@lists.sourceforge.net
Subject: [Nagios-users] Configuration files obfuscation

Hi,

is ther a way to obfuscate configuration files?

edward

_
Bing™  brings you maps, menus, and reviews organized in one place.   Try it now.
http://www.bing.com/search?q=restaurants&form=MLOGEN&publ=WLHMTAG&crea=TEXT_MLOGEN_Core_tagline_local_1x1--
Crystal Reports - New Free Runtime and 30 Day Trial
Check out the new simplified licensing option that enables unlimited
royalty-free distribution of the report engine for externally facing 
server and web deployment.
http://p.sf.net/sfu/businessobjects___
Nagios-users mailing list
Nagios-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/nagios-users
::: Please include Nagios version, plugin version (-v) and OS when reporting 
any issue. 
::: Messages without supporting info will risk being sent to /dev/null

Re: [Nagios-users] Configuration files obfuscation

2009-06-16 Thread Andrew Davis 
One idea that we do here is to chroot the entire nagios dir and all 
related components (mysql, apache, etc). The parent directory of the 
chroot is owned by root and set to 700 perm's. It requires a bit of 
tweaking to get it right and lots of reading through log files to work 
out the inital bugs, but once that's done, it works. For that matter, 
the server itself is virtualized... so its chrooted within a virtualized 
container.


Are you concerned with users getting in through the web page and 
accessing the raw files and then knowing about your inside network or 
employees gaining physical access to the server? The approach to protect 
each is different. Or perhaps you're passing username/password combos in 
some of the cfg files (ie: http testing, etc), so you want to hide that? 
Easier solution is a nagios user with limited access to use for this 
purpose. If you can elaborate on your areas of concern, we could 
probably offer further input.


 A. Davis
 Email: ncc...@gmail.com

 "There is no limit to what a man can accomplish
  if he doesn't care who gets the credit." - Ronald Reagan



Mat W wrote:
if the idea is for others not to see it... why not just ensure proper 
file ownership and limited permissions?
 
Assuming only Root and Nagios users can read the file... I'd think 
anyone that could become those users should be able to read them anyway.


--
Mat W. - http://www.techadre.com 


 


Date: Tue, 16 Jun 2009 11:53:11 -0400
From: ebadd...@gmail.com
To: nagios-users@lists.sourceforge.net
Subject: [Nagios-users] Configuration files obfuscation

Hi,

is ther a way to obfuscate configuration files?

edward


Bing™ brings you maps, menus, and reviews organized in one place. Try 
it now. 
 




--
Crystal Reports - New Free Runtime and 30 Day Trial
Check out the new simplified licensing option that enables unlimited
royalty-free distribution of the report engine for externally facing 
server and web deployment.

http://p.sf.net/sfu/businessobjects


___
Nagios-users mailing list
Nagios-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/nagios-users
::: Please include Nagios version, plugin version (-v) and OS when reporting any issue. 
::: Messages without supporting info will risk being sent to /dev/null
--
Crystal Reports - New Free Runtime and 30 Day Trial
Check out the new simplified licensing option that enables unlimited
royalty-free distribution of the report engine for externally facing 
server and web deployment.
http://p.sf.net/sfu/businessobjects___
Nagios-users mailing list
Nagios-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/nagios-users
::: Please include Nagios version, plugin version (-v) and OS when reporting 
any issue. 
::: Messages without supporting info will risk being sent to /dev/null