
By using NSClient++ with Signed SSL Certificates and strong encryption, you can guard your monitoring traffic against eavesdroppers. If you are using NSClient++ to send data to your monitoring system and you care about the security of your network, by all means, make sure you use strong encryption like TLS 1.2 (not Anonymous Diffie-Helman!) and signed SSL certificates. With Anonymous Diffie-Hellman, the keys used in the exchange are not authenticated so the the protocol is susceptible to Man-in-the-Middle attacks.(1)
© Copyright 2019 Rex Consulting, Inc. - All rights reserved
Leave a Reply