MRTG: security concerns?

registering · 08-06-2003, 10:22 AM

Hi all,
I just discovered mrtg which is a neat little tool. I'd like to make
the output world-viewable, however I'm not sure if this leaves
any exploits open. As far as I know mrtg doesn't introduce any
new security issues, it simply communicates with your router (or whatever) in an automated way, something anyone could do manually if they wished. Is it dangerous to have mrtg output world-viewable (via our internet website)?
Thanks for any pointers,
Josh

unSpawn · 08-06-2003, 07:21 PM

None AFAIK, since you're only sharing the output. Only thing I could question is the necessity for providing information to world. Restricting output to include only devices that are accessable to world anyway, and of those only the necessary objects, wouldn't give information gatherers much of a chance (if you also took care of "hardening" SNMP that is).

registering · 08-07-2003, 06:56 AM

Thanks for the feedback. I'll probably move it to our intranet just to be safe.

Especially since I'm new to linux.