[collectd] Safety for exposing a collectd network listening port to internet

elliot.li.tech at gmail.com elliot.li.tech at gmail.com
Tue Jan 15 21:30:36 CET 2019


Hi!

Is it safe to expose a collectd network listening port to the internet? 
I will have other machines running collectd and sending data to this 
listener over the internet. I'll enable signature and encryption.

I've searched the CVE database for collectd and only found two 
vulnerabilities (CVE-2016-6254, CVE-2017-7401) that seem remotely 
exploitable. For now I have the impression that the network parsing part 
of collectd seems safe.

Any comments are welcome. Thank you!

-- 
Elliot



More information about the collectd mailing list