agent <=> server security


ghislain
26-11-2010, 09:55
hi,

It seems to me that zabbix is accepting any data from any agent without any checking on the source of the data. Here is a scenario:

- zabbix is used to monitor hosts on the internet and is therefore listening on a public unfirewalled IP
- someone finds the server and floods false data with zabbix_sender, spoofing the hostname of the node

result: your monitoring is reporting false data (your host is down but the bad/misconfigured setting sends you active data to make it appear up on your zabbix server)

Would it be handy to have a shared secret we could give to the agent and set in the zabbix node configuration (like a macro)? This way each agent providing data should have the shared secret to be accepted by zabbix.

With the ability to have a shared secret set in a macro we could set up a trust mechanism for the whole zabbix server and change the secret by group or host etc.

This would make it more secure and very easy to create a security policy to suit your needs.

ghislain
29-11-2010, 09:38
added as a feature request. thanks !

nelsonab
29-11-2010, 13:15
Hmmmm..... That's an interesting attack vector, one which I can see which might be made useful.

However adding a security layer is not an easy task. I looked into adding SSL/TLS to the Agent - Server connection and it's not quite an easy task.

Open a ticket in and attribute it to Zabbix Next so it can be tracked. Before you open it though check to ensure one has not been opened for this already, if there is one similar but not exactly you may wish to consider adding a comment to that ticket.

ghislain
30-11-2010, 09:12
yes, the need to impersonate a server is good because in my virtualized environment I put data gathered on the host to the guest's zabbix profile, but seeing that means that anybody can do the same on the internet to my monitoring system.

so a shared secret seems the easy way. SSL is a very complex setup but offers encryption where a shared key offers only identification (and yes brute forcing it could work but with a 64 char secret blowfish key it should be "enough"(tm) ). Don't know the impact on performance it can have.

I opened a ticket for it with already some comments about the SSL tickets.

nelsonab
30-11-2010, 14:11
What was the ticket number? It should be added that whatever security is used, a standards based security setup should be used like SSL, or Kerberos. I think in this case Kerberos would be the best idea. Yes Kerberos is a challenge to set up sometimes, but it's been tested and is a standard maintained by a third party. Introducing a new encryption subsystem into Zabbix which is not based on a third party standard is a bad idea, and as has been mentioned in other threads just makes maintenance harder.

ghislain
01-12-2010, 00:28
blowfish shared secret is well known, standard and simple to manage. Of course kerberos and SSL systems are feature rich but a lot harder to maintain/manage and some embedded devices could have issues using them.

https://support.zabbix.com/browse/ZBXNEXT-571


of course a shared secret cannot create a son <=> father relationship like SSL does.
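
A sketch of the per-host shared-secret check proposed in this thread, as an added example that is not part of the original posts and is not Zabbix code: the message layout, `sign`, `Receiver` and `MAX_SKEW` are hypothetical, and HMAC-SHA256 stands in for the Blowfish key mentioned above. It identifies the sender and refuses replayed messages but, as the thread notes, gives no encryption.

```python
import hashlib
import hmac
import json
import secrets
import time

MAX_SKEW = 30  # seconds a message stays acceptable (assumed policy)

def sign(host, item, value, secret, now=None):
    """Sender side: serialise the value and compute an HMAC-SHA256 tag."""
    msg = {"host": host, "item": item, "value": value,
           "ts": int(now if now is not None else time.time()),
           "nonce": secrets.token_hex(8)}
    body = json.dumps(msg, sort_keys=True, separators=(",", ":")).encode()
    return body, hmac.new(secret, body, hashlib.sha256).digest()

class Receiver:
    """Server side: per-host secrets plus a cache of nonces already seen."""
    def __init__(self, host_secrets):
        self.host_secrets = host_secrets  # hostname -> secret bytes
        self.seen = {}                    # (host, nonce) -> message timestamp

    def verify(self, body, tag, now=None):
        now = int(now if now is not None else time.time())
        try:
            msg = json.loads(body)
            host, ts, nonce = str(msg["host"]), int(msg["ts"]), str(msg["nonce"])
        except (ValueError, KeyError, TypeError):
            return "malformed"
        secret = self.host_secrets.get(host)
        if secret is None:
            return "unknown host"
        # The tag covers the exact bytes received, so a spoofed hostname or
        # an altered value fails here unless the sender holds that host's key.
        expected = hmac.new(secret, body, hashlib.sha256).digest()
        if not hmac.compare_digest(expected, tag):
            return "bad tag"
        if abs(now - ts) > MAX_SKEW:
            return "stale"
        # Forget nonces older than the window, then refuse any repeat.
        self.seen = {k: t for k, t in self.seen.items() if now - t <= MAX_SKEW}
        if (host, nonce) in self.seen:
            return "replay"
        self.seen[(host, nonce)] = ts
        return "ok"
```
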