Home page logo
/

basics logo Security Basics mailing list archives

Re: live monitoring TCP sessions (how to secure NTOP console)
From: Brent Gardner <brent.gardner () gmail com>
Date: Tue, 07 Aug 2007 09:57:05 -0700

sfmailsbm () gmail com wrote:
Talking about NTOP, this tool does not provide an easy way to control access to the console


Access is open to everyone (who knows where and how its installed)


Has someone been able to secure access to NTOP's console?


Thanks to all


Use stunnel with verify=3 (only allows known client certs to connect) to redirect the traffic over an encrypted port. Distribute client certs to those who need access to the NTOP console. Use firewall rules on the NTOP box to block traffic to the unencrypted NTOP port except from 127.0.0.1


Brent Gardner



  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]
AlienVault