Solaris 10 NRPE monitoring securely via TCPWRAPPERS


#1

Hi! I was wondering if I could get some input on how to securely monitor Solaris 10 hosts using the NRPE daemon. I am currently monitoring Solaris 9 boxes using tcpwrappers and inetd.conf. However Solaris 10 does not use inetd.conf but rather SMF. When I added NRPE to inetd.conf I also ran inetconv to convert the inetd.conf entry into SMF. I then proceeded to creating the hosts.allow and hosts.deny. The problem is that when I issue a telnet from a server other than the 192.168.2.135 which is the nagios server I can connet to the NRPE daemon on 5666 fully. With tcpwrappers enabled on Solaris 9 the connection was immediately dropped. Solaris 10 however accepts the connection and allows input. How do we securely monitor hosts via NRPE on Solaris 10?

hosts.allow

nrpe: LOCAL, 192.168.2.135

hosts.deny

nrpe: ALL

Entry in /etc/inetd.conf:

nrpe stream tcp nowait nagios /usr/sfw/sbin/tcpd /usr/local/nagios/bin /nrpe -c /usr/local/nagios/etc/nrpe.cfg -i

Entry in /etc/services

nrpe 5666/tcp # Nagios NPRE