WUG fails WebInspect scans...

Posted 5/9/2008 2:20:18 PM
Supreme Being


Group: Forum Members
Last Login: 6/20/2008 11:03:09 AM
Posts: 83, Visits: 20
In order to get WUG into our DMZ, we first need to have it pass a WebInspect scan.  The scan results were sent to Ipswitch months ago but their response was "see if the next version passes".  I installed version 12 and no dice.

Is there a way I can fix these errors?  If not, if enough of us complain they may fix all the security vulnerabilities within their application...

__________________________________________
Kyle Emerick

WUP 2006 Pro server: IBM x346, Dual 3.6 GHz HT, 2GB RAM, Win2K3 - remote SQL Server DB
~900 NT Services monitored on ~700 devices
No traps, logs, events, or data collection... just generic services monitored
Polling intervals staggered per map at 60, 120, 180 etc...

  Post Attachments 
WhatsUp Results 5-8-08.pdf (24 views, 122.19 KB)

Post #43647
Posted 5/12/2008 12:06:51 PM
Junior Member


Group: Forum Members
Last Login: 7/7/2008 1:22:31 PM
Posts: 14, Visits: 17
We used to get this all the time from our security guy and 99% of these are false positives. I'm not in a position to evaluate the cross-site scripting attacks being valid or not but the other two errors are meaningless.

Unhandled exception? Eh.. big deal. The suggestion to use uniform error codes or informational error messages doesn't strike me as a security issue.

The http for logins? Click the SSL checkbox.

Personally, if it's that big of an issue you can restrict via IP who has access to the server. 

Mike 

Post #43693
Posted 5/28/2008 2:04:59 PM
Supreme Being


Group: Forum Members
Last Login: 6/20/2008 11:03:09 AM
Posts: 83, Visits: 20
Sounds good to me.  I will try some of these things out and run them by our Information Security folks.  Thank you for your time.

__________________________________________
Kyle Emerick

WUP 2006 Pro server: IBM x346, Dual 3.6 GHz HT, 2GB RAM, Win2K3 - remote SQL Server DB
~900 NT Services monitored on ~700 devices
No traps, logs, events, or data collection... just generic services monitored
Polling intervals staggered per map at 60, 120, 180 etc...

Post #44150
Posted 5/28/2008 3:53:08 PM
Forum Newbie


Group: Forum Members
Last Login: 7/24/2008 11:59:16 AM
Posts: 2, Visits: 14
What's the benefit of putting it on the DMZ?
Post #44153
Posted 6/6/2008 9:11:00 AM
Supreme Being


Group: Forum Members
Last Login: 6/20/2008 11:03:09 AM
Posts: 83, Visits: 20
Right now our Intranet WhatsUp server can only monitor ping on our DMZ servers.  We would like to be able to monitor some of the servers' services also.

__________________________________________
Kyle Emerick

WUP 2006 Pro server: IBM x346, Dual 3.6 GHz HT, 2GB RAM, Win2K3 - remote SQL Server DB
~900 NT Services monitored on ~700 devices
No traps, logs, events, or data collection... just generic services monitored
Polling intervals staggered per map at 60, 120, 180 etc...

Post #44387
Posted 6/6/2008 9:35:14 AM


Time Traveler


Group: WhatsUp Gold Expert
Last Login: 8/5/2008 2:50:38 PM
Posts: 1,363, Visits: 3,249
Kyle, unless you don't want to monitor your internal boxes, I think it's better to leave wug on the lan and open the relevant ports towards the dmz, rather than the other way around... Your system is probably more likely to be compromised if it's in the dmz, and if compromised and you opened ports towards the lan to allow for monitoring, well...

Not to mention that you (possibly ?) have more hosts inside than on the dmz, so you would need to open towards lots of machines instead of towards a few ones... ?

Reading, writing and arithmetic - If you need to choose, please take option 1.

Post #44389
Posted 6/11/2008 9:24:40 AM
Supreme Being


Group: Forum Members
Last Login: 6/20/2008 11:03:09 AM
Posts: 83, Visits: 20
I believe RPC is required for WhatsUp to interrogate Windows Services.  I have been told there is no way RPC will be opened and so that means the only way to get the Services monitored is to place a WhatsUp box in our DMZ.  The approach I am taking now is that I asked our Information Security team if they will allow WhatsUp in our DMZ if only the Operations folks' IP addresses can see the WhatsUp website.

__________________________________________
Kyle Emerick

WUP 2006 Pro server: IBM x346, Dual 3.6 GHz HT, 2GB RAM, Win2K3 - remote SQL Server DB
~900 NT Services monitored on ~700 devices
No traps, logs, events, or data collection... just generic services monitored
Polling intervals staggered per map at 60, 120, 180 etc...

Post #44520
Posted 6/11/2008 10:26:50 AM


Time Traveler


Group: WhatsUp Gold Expert
Last Login: 8/5/2008 2:50:38 PM
Posts: 1,363, Visits: 3,249
Ok,

You will be happy to know that you can use SNMP to monitor Windows services: http://forums.ipswitch.com/Topic20001-14-1.aspx (thanks to MB-NS for finding back that one)

And, well, indeed, I was about to tell you: if you don't need to access the WUG box from the web, then your security folks can simply deny that traffic, and it does not matter too much whether it's vulnerable or not then...

Reading, writing and arithmetic - If you need to choose, please take option 1.

Post #44528
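The last two posts turn on the same point: a monitoring host on the LAN can learn the state of Windows services on DMZ boxes over SNMP (one UDP port from one source address) instead of RPC (TCP 135 plus a dynamic port range). The script below is an added example, not code from the thread or from WhatsUp Gold. It parses the text that `snmpwalk` prints for the Windows LAN Manager MIB service table (assumption: `svSvcTable` under `1.3.6.1.4.1.77.1.2.3`, with `svSvcName` in column 1 and `svSvcOperatingState` in column 3, where 1 means active) and reports which required services are missing or not active. The walk output is constructed inline so the script runs offline; the helper names are mine.

```python
import re
from typing import Dict, List

# Assumption: Windows LanMgr-Mib-II service table (svSvcEntry), indexed by the
# service name encoded as "<length>.<byte>.<byte>...".
SVC_TABLE = "1.3.6.1.4.1.77.1.2.3.1"
SVC_NAME_COL = "1"         # svSvcName
SVC_OPER_STATE_COL = "3"   # svSvcOperatingState
STATE_NAMES = {1: "active", 2: "continue-pending", 3: "pause-pending", 4: "paused"}

# Matches one snmpwalk line in numeric-OID form: ".1.3.6... = STRING: "Server""
LINE_RE = re.compile(r'^\.?(?P<oid>[\d.]+)\s*=\s*(?P<type>\w+):\s*(?P<val>.*)$')


def encode_index(name: str) -> str:
    """Encode a service name the way SNMP encodes a string-valued table index."""
    return ".".join([str(len(name.encode()))] + [str(b) for b in name.encode()])


def _row(col: str, name: str, value_type: str, value: str) -> str:
    return f".{SVC_TABLE}.{col}.{encode_index(name)} = {value_type}: {value}"


# Constructed sample walk (not captured from a real host): three services,
# one of them paused, to exercise the "not active" path.
CONSTRUCTED_WALK: List[str] = [
    _row(SVC_NAME_COL, "Server", "STRING", '"Server"'),
    _row(SVC_NAME_COL, "Workstation", "STRING", '"Workstation"'),
    _row(SVC_NAME_COL, "World Wide Web Publishing Service", "STRING",
         '"World Wide Web Publishing Service"'),
    _row(SVC_OPER_STATE_COL, "Server", "INTEGER", "1"),
    _row(SVC_OPER_STATE_COL, "Workstation", "INTEGER", "4"),
    _row(SVC_OPER_STATE_COL, "World Wide Web Publishing Service", "INTEGER", "1"),
]


def parse_svc_table(lines: List[str]) -> Dict[str, int]:
    """Return {service name: operating state} from snmpwalk output lines.

    Rows are joined on the table index so the name column and the state
    column for the same service end up in one record.
    """
    rows: Dict[str, dict] = {}
    prefix = SVC_TABLE + "."
    for line in lines:
        m = LINE_RE.match(line.strip())
        if not m:
            continue  # ignore anything that is not an snmpwalk varbind line
        oid = m.group("oid")
        if not oid.startswith(prefix):
            continue  # not part of the service table
        col, _, index = oid[len(prefix):].partition(".")
        row = rows.setdefault(index, {})
        val = m.group("val").strip()
        if col == SVC_NAME_COL:
            row["name"] = val.strip('"')
        elif col == SVC_OPER_STATE_COL:
            row["state"] = int(val)
    return {r["name"]: r.get("state", 0) for r in rows.values() if "name" in r}


def check_required_services(lines: List[str], required: List[str]) -> Dict[str, str]:
    """Map each required service to 'missing' or its operating-state name."""
    services = parse_svc_table(lines)
    report = {}
    for name in required:
        if name not in services:
            report[name] = "missing"  # not installed, or hidden by the SNMP view
        else:
            state = services[name]
            report[name] = STATE_NAMES.get(state, f"unknown({state})")
    return report


def failing_services(report: Dict[str, str]) -> List[str]:
    """Names that should raise an alert: anything that is not reported active."""
    return sorted(name for name, state in report.items() if state != "active")


if __name__ == "__main__":
    wanted = ["Server", "Workstation", "Messenger"]
    result = check_required_services(CONSTRUCTED_WALK, wanted)
    for svc, state in result.items():
        print(f"{svc:40s} {state}")
    print("alert on:", failing_services(result))
```

To use it against a real host, replace the constructed list with the lines from `snmpwalk -v2c -c <read-only community> <dmz-host> .1.3.6.1.4.1.77.1.2.3` (the `-On` option keeps OIDs numeric so the regex applies). The firewall rule this needs is a single UDP/161 allow from the monitoring host's address to each DMZ host, with a read-only community; that is the trade the Time Traveler post describes, and it is far narrower than opening RPC from the DMZ back into the LAN.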