[collectd] Safety for exposing a collectd network listening port to internet
elliot.li.tech at gmail.com
Wed Jan 16 16:38:03 CET 2019
On 1/16/19 3:01 AM, Josef Liska wrote:
> I am using collectd on "the internets" for ages, but as was said in
> previous message, I have firewall and I limit access to hosts/networks
> that send me data.
> Enabling signatures and encryption can actually open new possible
> vulnerabilities due to used libraries.
I see. That indeed sounds problematic.
> Is there a special reason why not to use VPN and open collectd socket to
> the internets? If you want to be more secure, it might be good idea to
> use simple VPN with limited code base like wireguard.
I just want to make the system as simple as possible but still
reasonably secure. Well, it seems that a VPN or secure tunnel is needed.
I'll look into these options. Thanks!
More information about the collectd