Search Exchange
Search All Sites
Nagios Live Webinars
Let our experts show you how Nagios can help your organization.Login
Directory Tree
Category: Security
Nagios plugins for monitoring security software.
Meet The New Nagios Core Services Platform
Built on over 25 years of monitoring experience, the Nagios Core Services Platform provides insightful monitoring dashboards, time-saving monitoring wizards, and unmatched ease of use. Use it for free indefinitely.
Monitoring Made Magically Better
- Nagios Core on Overdrive
- Powerful Monitoring Dashboards
- Time-Saving Configuration Wizards
- Open Source Powered Monitoring On Steroids
- And So Much More!
Submit Your Nagios Project!
Help build Nagios Exchange for yourself and the entire the Nagios Community by your Nagios project to the site. It's easy - just create an account, login, and add a new listing. Read the FAQ for instructions.- Firewall Software (13 listings)
- VPN Software (13 listings)
check_freak Featured
www.nagios.com/freak-vulnerability-testerThe FREAK Vulnerability is a security vulnerability in OpenSSL that allows attackers to intercept HTTPS connections between vulnerable clients and servers and force them to use ‘export-grade’ cryptography, which can then be decrypted or altered. Fr ...
Check Centrify
A plugin to check the Centrify service running on a local machine. It will report CPU and Memory of the adclient process, the zone, the DC and the version. -- Update 07/04/2016, new version of script uploaded which now accepts command line args and al ...
Check Iptables
www.techironic.comThis plugin check if the number of iptables rules loaded and the ones that are supposed to be loaded are the same. If the numbers are not ok it notifies nagios and logs on /var/log/iptables the users logged in at the time.
Check Nessus Scans
This is a check to download and parse a given Nessus scan (see http://www.tenable.com/products/nessus-vulnerability-scanner) and return the number of critical and high vulnerabilities.
Check New User creation in Linux
vishalvilaspatil.blogspot.inThis script will check if any new user is created on your linux server whenever the check is performed.
Check setting sshd (Security of SSH)
This check control the security of your SSH service (The setting of sshd_config file) 4 values are checking: PermitRootLogin, Protocol, Port and PermitEmptyPasswords For more detail ./check_setting_sshd.sh -h
check Synology Surveillance Station last recordings
This is a bash script that runs on my nagios server and goes out to a Synology Video server to check the Last Recording Start Time field of each camera. It needs the video URL, a (read-only) username and password and a camera number to function.
Check UniFi Video
This is a plugin (bash script) that pulls the latest recording time of UniFi video cameras from the UniFi video server. It uses JSON parsing to pull a single variable from the Unifi Video system through the Admin API.
Check Windows for Indicators of Compromise - Via Event ...
www.linuxincluded.com/uncovering-indicators-of-compromise/Check_ioc is a script to check for various, selectable indicators of compromise on Windows systems via PowerShell and Event Logs. It was primarily written to be run on a schedule via a Nagios NCPA agent, however, it may also be run from a command-line (fo ...
checkfilechange
This Nagios plugin monitors the state of files/directors, using the inotify State Monitoring tool, receiving as arguments the states and files/directors to be monitored, as well as the path of the log file, where the inotify registers the events, notifyin ...
checkIPtables
project.brain-force.ch/Nagios/wiki/plugins/security/firewallPlugin written as bash script to check the health of iptables and the rules in there. It performs several check: * checks command ($DEF_IPT and $DEF_IPS) and rulefiles ($DEF_IPT_RFILE and $DEF_IPS_RFILE), returns ...
CheckPSSignatures
github.com/sawft99/NagiosPluginsThis is a Nagios plugin that checks if any PowerShell scripts in the plugin folder have a soon to expire, expired, invalid, or non-existent signature. Full documentation: https://github.com/sawft99/NagiosPlugins
CheckSSLCertExpiry
A simple bash script to check if the ssl certificate is getting expire. If getting expired in 10 days then it will alert. Syntax: script : Feel free to change, as per need, example for -c and -w. For now I just made it simple.
check_apache404
This Nagios plugin monitors the Apache server log file in search of State 404, receiving as arguments the full path of the log file, and the maximum values for warning and critical, these values are passed in pairs (50.100), to specify the value of record ...
check_app
This Nagios plugin monitors the main principals where the executable files are stored, you can optionally be the user to define the principals that you want to monitor in accordance with your system's interests and configuration, by ticking the critical s ...
check_axis_stream_quality
This script use videoanalitycs methods to check quality of streaming of an Axis security ip camera in tow ways. Checking percentage of white (eg. IR malfunction) or the number of colors in the palette (eg. too dark image).
check_bad_apache_procs.sh
www.dougware.netThis is a simple BASH script that checks that only the correct Apache processes are running, and that no other processes (such as PERL scripts) are running as Apache. If it returns OK, it includes the text "0 Bad apache Processes Running". If it fails ...
check_barracuda_queue
members.dca.net/fpater/permanent/check_barracuda_queueMonitor Barracuda Spam Firewall Appliance queue sizes
check_bundle_audit
Nagios plugin to monitor ruby applications for security vulnerabilities via bundler-audit, written in bash.
check_cert
github.com/cmadamsgit/nagios-plugins-cmadamsThis plugin makes an SSL/TLS connection to the specified server/port, validates the cert, and warns/errors on the number of days until the cert expires. It can be set to check an RSA or ECDSA cert, and can check some types of connections using STARTTLS.
check_cert_signing_algorithm_secure
www.cwsi.ieThis check connects to a specified host:port with OpenSSL to determine if the signing algorithm used on the server certificate is secure.
Check_client_cert_CAs_sent
www.cwsi.ieThis check uses OpenSSL to connect to a host:port and either confirm that it is specifying at least one accepted client certificate CA name, or compare the accepted CA names list returned by the host to a list supplied to the check. The purpose being tha ...
check_crl.py
raymii.org/cms/p_Nagios_plugin_to_check_crl_expiry_in_hoursThis is a nagios plugin which you can use to check if a CRL (Certificate Revocation List, public list with revoked certificates) is still valid. This is based on the check_crl.py plugin from [Michele Baldessari](http://acksyn.org/?p=690). I've modified it ...
check_crl_url
abi.renhart.com/index.php/2013/07/10/check-certificate-revocCheck Certificate Revocation List(CRL) expiration and validity
check_cuda
seigafuse.com/2010/08/20/barracuda-plug-in-for-nagios-v3-1/This plugin will check the length of the in, out and bounce queues on a Barracuda Spam Firewall using SNMP. The latest release (version 3) supports Barracuda Spam and Virus firewalls with firmware versions 3 and 4. The OIDs changed in V4 and the plug ...
check_ddos
This Nagios plugin monitors system network connections alerting whenever a large number of SYN recv states are verified. The quantities of connections to be considered excessive are passed as arguments, and when Nagios is exceeded alert with the states wa ...
check_defacement
This plugin check for a potential website defacement. The script curl the provided url and compare it with the previous curl. Several tests can be made, the default one is calculating how many pecentage of code have been changed since last check.
check_defacementpage
This Nagios plugin monitors the content of the Web page passed by URL as an argument, in search of potentially hazardous words, returning the critical state if a detection is made. By default, a set of words are defined, which can optionally be ignored, o ...
check_dnsbl
Perl plugin that checks a specified DNS blacklist such as bl.spamcop.net to see whether a host is listed. Depends on Net::DNS.
check_dnsip
This Nagios plugin monitors domain names and corresponding IP address, both passed as arguments, alerting with critical state if incompatibilities are verified. By default, Google DNS is used, however, optionally the user can set the DNS server that suits ...
check_dnssecurity
This Nagios plugin monitors the state of the DNSSEC configurations and points out with the critical state in case vulnerabilities (poor configuration, expired signatures, not using DNSSEC) be detected. The domain to be monitored is passed as an argument, ...
check_dshield_infocon
github.com/voodookid/check_dsheild_infoconUses the DShield API to check the Infocon status. Will return OK on green, WARNING on Yellow and Oragne, and CRITICAL on Red.
check_file_md5
Script to arbitrarily monitor the md5 checksums of any given file and throw a warning when a file is changed. Script is self-maintaining, in that it will update its own cache of checksums after a mismatch - this way, you don't have to remember to update t ...
check_file_md5s
Simple file integrity checker.
check_fw_av_ud
Small Utility for utilising the Windows WSC_SECURITY_PROVIDER functions and properties in Windows Vista and later
check_heartbleed
check_heartbleed allows you to check for the Heartbleed Vulnerability (CVE-2014-0160) of openssl on various systems. Version - 0.6 : Added TLSv1.0 and SSLv3.0 support If no version is specified, checks all versions. Altered output somewhat. Added opti ...
check_https_cert
Perlscript for checking a https-servers, with a ssl-client-certificate.
check_inactive
2024sight.comThis plugin checks whether there are inactive users on a system. The plugin requires CPAN module User-Utmp-1.8.
check_iponblacklist
This Nagios plugin monitors blacklists in search of a past IP address as an argument. By default, the plugin searches in 27 of the most popular blacklists, and can optionally be added to other lists, or ignored the set of predefined blacklists. This plugi ...
check_ipsec
Check ipsec connections from openswan or strongswan
check_kdc
Check Kerberos 5 KDC with shell commands
check_krb5_kdc.pl (Advanced Nagios Plugins Collection)
github.com/harisekhon/nagios-pluginsChecks a specific Kerberos KDC is working by getting a TGT using a keytab Create a nagios kerberos principal and export a keytab for it to use in this check Requirements: - Kerberos KDC - Kerberos Realm - nagios kerberos principal - exported k ...
check_krb5_kinit.pl (Advanced Nagios Plugins Collection...
github.com/harisekhon/nagios-pluginsChecks Kerberos is working by requesting a TGT from the KDC using a pre-exported keytab
check_leavers
github.com/garethrandall/check_leaversWhen employees leave a company, sometimes computer accounts are not deleted, meaning that they could become a security risk. This plugin checks for accounts of users who have left, using a central list of blacklisted usernames which is downloaded from a w ...
check_listening_ports (edouard.lamoine)
A plugin that check for all listening ports/services behind, and verify if these ports or services have been approved by the user. Adds Port monitoring security to Nagios, showing if some ports were opened, maybe in a malicious way. Done for MEVIA g ...
check_md5.sh
github.com/jackbenny/check_md5A plugin written in Bash to check the MD5 sum of a single file. In case the files MD5 change the plugin issues a critical state. This behavior can be changed by using a --warning argument, so that only a warning state is issued.
check_ncipher
www.pki.getronicspinkroccade.nl/website/NRPE plugin to check nCipher/nFast hardserver, nShield HSM status and inserted smartcard on RHEL and Solaris.