[Nagiosplug-devel] Checking for unknown NIS servers?
Andreas Ericsson
ae at op5.se
Mon Feb 13 11:56:07 CET 2006
C. Bensend wrote:
>>And this is where the trouble lies. How long should we wait for any
>>other server to respond, and how many broadcasts should we send?
>
>
> Yes, I think _I_ would make these configurable parameters.
Naturally. It could still mean you're getting invalid results if the
network is bogged though, and since that would be a false negative
(mostly everything else would return false positives in a too-highly
loaded network), you wouldn't know if it happened.
> On my
> network, I wouldn't have to wait that long. On other networks,
> NIS servers might be overwhelmed, or other factors, that would
> necessitate a different timeout and number-of-broadcasts values.
>
>
>>A much better way is to set up a daemon which listens to broadcasts and
>>shouts out loud if it hears one from the wrong server. You still have to
>>implement the NIS protocol (partially) but you can get rid of the
>>problem of having plugins run with elevated privileges and determining
>>how long to wait.
>
>
> Well, the _clients_ broadcast, but I don't think the servers
> do?
>
Ah. My bad. I'd still implement this as a daemon though, possibly with
unicast packets forwarded to a single host from the switch. That way
you'd see both queries and responses.
> Hmmmm, elevated privs - do you need root privs to broadcast? I've
> never touched that sort of thing myself.
>
Not necessarily, but unless you're broadcasting ICMP requests on a
patched Linux kernel I think you'll need a raw socket to see the replies.
--
Andreas Ericsson andreas.ericsson at op5.se
OP5 AB www.op5.se
Tel: +46 8-230225 Fax: +46 8-230231
More information about the Devel
mailing list