Dear managers,
I'v got only one reply from Nancy Davis (the reply is attached bellow) -
thank you very much, Nancy. So I suppose there is really nothing to do
against snmp-attacks on the server-level of network or simply nearly
nobody is interrested in this topic.
David Komanek
Nancy Davis wrote:
> We've taken a different approach. We block (and log) all snmp
> at the router level. That leaves our internal network available
> for using snmp tools.
>
> I haven't seen any "attacks" via snmp. They just use it to map
> out our networks and gain user/system info.
>
> Nancy
My original post:
>
> Dear Tru64-ers,
>
> my colleague is working on routers, switches etc. and says that there is a
> variety of possible attacks via SNMP to our network. He suggests me that I
> at least log all SNMP-querries directed to my servers to be
> "up-to-date". Therefore I have two questions:
>
> 1) How can I tell the snmpd to log all sessions, not only errors ?
>
> 2) Is on the attacks against snmpd something specific, or just
> "normal" buffer overflows etc. ?
>
> Thanks a lot.
>
> BR,
>
> David Komanek
>
Received on Thu Jan 27 2000 - 15:34:45 NZDT