The Housleys dot Net

SECURITY INFORMATION

Exploits

Versision upto and including 0.3.0 there was the posibility of a root style exploit. This was fixed in version 0.4.0

Versision upto and including 0.4.1 there was the config file exploit that allow an ordinary user to read any file. This was fixed in version 0.4.2

There are no know exploits for the current versions of healthd.

NETWORK PORTS

By default healthd listens on tcp port 9669, unless changed with the -P port option, for connections from healthdc. This allows the current values to be read remotely. This can be disabled by -L for "local mode".
If the system has tcp_wrappers installed, healthd will use that to control access.

ACTION SCRIPTS

Starting in version 0.6.0 healthd provides the capability to execute a script on warning and failure conditions. These commands/scripts will be executed as the same user healthd is running at, root by default. If an external script is used, then the standard care must be taken. This includes permissions on the files.
FreeBSD   Apache Web server   PHP: HTML - Embedded Scripting Language   MySQL
Mail any questions/concerns to webmaster