[Nagiosplug-devel] check_udp

Andreas Ericsson ae at op5.se
Thu Mar 23 15:29:01 CET 2006


sean finney wrote:
> On Thu, Mar 23, 2006 at 03:37:36PM +0100, Andreas Ericsson wrote:
> 
>>Sorry, no. There's no way of checking for open UDP ports without sending 
>>data and getting some sort of response.
> 
> 
> this is correct.  like i said earlier, perhaps sending a null byte
> or something might trigger a response, but i think it would be
> better (cleaner and more appropriate) to just have check_udp
> complain and die if it has nothing to send/receive.  
> 

Not only that. UDP is designed to be fire-and-forget, meaning most 
services that run it won't respond at all, no matter what's sent to it. 
We could perhaps bring in som nmap hackery but that would mean going 
over raw sockets so that's another suid root plugin. I think most users 
won't like it.

Anyways, it's definitely better to error out than sending some arbitrary 
data. I can imagine quite a lot of Bad Things happening when sending 
bogus data to f.e. a syslog or snmptrap daemon.

-- 
Andreas Ericsson                   andreas.ericsson at op5.se
OP5 AB                             www.op5.se
Tel: +46 8-230225                  Fax: +46 8-230231




More information about the Devel mailing list