librenms-librenms/doc/General/Security.md

source: General/Security.md
path: blob/master/doc/

# General

Like any good software we take security seriously. However, bugs do
make it into the software along with the history of the code base we
inherited. It's how we deal with identified vulnerabilities that
should show that we take things seriously.

# Securing your install

As with any system of this nature, we highly recommend that you
restrict access to the install via a firewall or VPN.

It is also highly recommended that the Web interface is protected with
an SSL certificate such as ones provided by [LetsEncrypt](http://www.letsencrypt.org).

Please ensure you keep your install [up to date](Updating.md).

# Reporting vulnerabilities

Like anyone, we appreciate the work people put in to find flaws in
software and welcome anyone to do so with LibreNMS, this will lead to
better quality and more secure software for everyone.

If you think you've found a vulnerability and want to discuss it with
some of the core team then you can email us at
[team@librenms.org](mailto:team@librenms.org) and we will endeavour to
get back to as quick as we can, this is usually within 24 hours.

We are happy to attribute credit to the findings but we ask that we're
given a chance to patch any vulnerability before public disclosure so
that our users can update as soon as a fix is available.
doc: Added doc on security and vulnerabilities 2016-10-07 11:21:19 +00:00			`source: General/Security.md`
Updated to use new theme for docs site (#9320) * Updated to use new theme for docs site * Updated theme location * Removed librenms.css * Updated index page + re-added librenms.css * Use built in theme modification * flexbox grid, dump bootstrap * tidy up things * Added path and updated deploy script + mkdocs config * Removed db schmea changes * Updated to install python/pip 3 * Removed pip3 install * Pip3 install * Updated deploy-docs * Updated deploy-docs 2018-10-27 23:04:34 +01:00			`path: blob/master/doc/`
doc: Added doc on security and vulnerabilities 2016-10-07 11:21:19 +00:00
docs: more md linting (#10371) * clean 1-Minute-Polling.md formatting * cleanup formatting for Adding-a-Device.md * clean up formatting of Cleanup-options.md * cleanup formatting some for CLI-Tools.md * cleanup formatting for Syslog.md and Configuration.md * cleanup formatting for Device-Sensors.md * cleanup formatting for Device-Troubleshooting.md * cleanup Discovery Support.md * cleanup Environment-Variables.md * cleanup Example-Hardware-Setup.md and FAQ.mg * update Features.md, Install Validation.md, Perfermance.md, Poller Support.md, and index.md * cleanup Remote-Monitoring-VPN.md, SNMP-Configuration-Examples.md, and SSL-Configuration.md * lots of updates for Installation docs * more installation doc cleanup * more formatting cleanup * clean Work-Map.md up some 2019-07-18 21:25:53 -05:00			`# General`
doc: Added doc on security and vulnerabilities 2016-10-07 11:21:19 +00:00
docs: more md linting (#10371) * clean 1-Minute-Polling.md formatting * cleanup formatting for Adding-a-Device.md * clean up formatting of Cleanup-options.md * cleanup formatting some for CLI-Tools.md * cleanup formatting for Syslog.md and Configuration.md * cleanup formatting for Device-Sensors.md * cleanup formatting for Device-Troubleshooting.md * cleanup Discovery Support.md * cleanup Environment-Variables.md * cleanup Example-Hardware-Setup.md and FAQ.mg * update Features.md, Install Validation.md, Perfermance.md, Poller Support.md, and index.md * cleanup Remote-Monitoring-VPN.md, SNMP-Configuration-Examples.md, and SSL-Configuration.md * lots of updates for Installation docs * more installation doc cleanup * more formatting cleanup * clean Work-Map.md up some 2019-07-18 21:25:53 -05:00			`Like any good software we take security seriously. However, bugs do`
			`make it into the software along with the history of the code base we`
			`inherited. It's how we deal with identified vulnerabilities that`
			`should show that we take things seriously.`
doc: Added doc on security and vulnerabilities 2016-10-07 11:21:19 +00:00
docs: more md linting (#10371) * clean 1-Minute-Polling.md formatting * cleanup formatting for Adding-a-Device.md * clean up formatting of Cleanup-options.md * cleanup formatting some for CLI-Tools.md * cleanup formatting for Syslog.md and Configuration.md * cleanup formatting for Device-Sensors.md * cleanup formatting for Device-Troubleshooting.md * cleanup Discovery Support.md * cleanup Environment-Variables.md * cleanup Example-Hardware-Setup.md and FAQ.mg * update Features.md, Install Validation.md, Perfermance.md, Poller Support.md, and index.md * cleanup Remote-Monitoring-VPN.md, SNMP-Configuration-Examples.md, and SSL-Configuration.md * lots of updates for Installation docs * more installation doc cleanup * more formatting cleanup * clean Work-Map.md up some 2019-07-18 21:25:53 -05:00			`# Securing your install`

			`As with any system of this nature, we highly recommend that you`
			`restrict access to the install via a firewall or VPN.`

			`It is also highly recommended that the Web interface is protected with`
			`an SSL certificate such as ones provided by [LetsEncrypt](http://www.letsencrypt.org).`
doc: Added doc on security and vulnerabilities 2016-10-07 11:21:19 +00:00
			`Please ensure you keep your install [up to date](Updating.md).`

docs: more md linting (#10371) * clean 1-Minute-Polling.md formatting * cleanup formatting for Adding-a-Device.md * clean up formatting of Cleanup-options.md * cleanup formatting some for CLI-Tools.md * cleanup formatting for Syslog.md and Configuration.md * cleanup formatting for Device-Sensors.md * cleanup formatting for Device-Troubleshooting.md * cleanup Discovery Support.md * cleanup Environment-Variables.md * cleanup Example-Hardware-Setup.md and FAQ.mg * update Features.md, Install Validation.md, Perfermance.md, Poller Support.md, and index.md * cleanup Remote-Monitoring-VPN.md, SNMP-Configuration-Examples.md, and SSL-Configuration.md * lots of updates for Installation docs * more installation doc cleanup * more formatting cleanup * clean Work-Map.md up some 2019-07-18 21:25:53 -05:00			`# Reporting vulnerabilities`

			`Like anyone, we appreciate the work people put in to find flaws in`
			`software and welcome anyone to do so with LibreNMS, this will lead to`
			`better quality and more secure software for everyone.`

			`If you think you've found a vulnerability and want to discuss it with`
			`some of the core team then you can email us at`
			`[team@librenms.org](mailto:team@librenms.org) and we will endeavour to`
			`get back to as quick as we can, this is usually within 24 hours.`
doc: Added doc on security and vulnerabilities 2016-10-07 11:21:19 +00:00
docs: more md linting (#10371) * clean 1-Minute-Polling.md formatting * cleanup formatting for Adding-a-Device.md * clean up formatting of Cleanup-options.md * cleanup formatting some for CLI-Tools.md * cleanup formatting for Syslog.md and Configuration.md * cleanup formatting for Device-Sensors.md * cleanup formatting for Device-Troubleshooting.md * cleanup Discovery Support.md * cleanup Environment-Variables.md * cleanup Example-Hardware-Setup.md and FAQ.mg * update Features.md, Install Validation.md, Perfermance.md, Poller Support.md, and index.md * cleanup Remote-Monitoring-VPN.md, SNMP-Configuration-Examples.md, and SSL-Configuration.md * lots of updates for Installation docs * more installation doc cleanup * more formatting cleanup * clean Work-Map.md up some 2019-07-18 21:25:53 -05:00			`We are happy to attribute credit to the findings but we ask that we're`
			`given a chance to patch any vulnerability before public disclosure so`
			`that our users can update as soon as a fix is available.`
doc: Added doc on security and vulnerabilities 2016-10-07 11:21:19 +00:00