Dear managers.
Thanks to Sean O'Connell for the response to my "poor" summary. He
suggests that it is possible to modify the community definition in
/etc/snmpd.conf. I think it's a very good idea and I'll try
it. Mr. O'Connell's reply to my post is attached below to this message.
BR,
David Komanek
Date: Thu, 27 Jan 2000 11:20:56 -0500
From: Sean O'Connell
On 2000 Jan 27, David Komanek opined:
>
>
> Dear managers,
>
> I've got only one reply from Nancy Davis (the reply is attached below) -
> thank you very much, Nancy. So I suppose there is really nothing to do
> against snmp-attacks on the server-level of network or simply nearly
> nobody is interested in this topic.

David-

You can limit snmp to your alphas by a quick modification to
/etc/snmpd.conf, for instance I use something like:

    community comm1 aaa.bbb.ccc.1 read
    community comm2 aaa.bbb.ccc.2 read
    community comm3 aaa.bbb.ccc.3 read
    community comm4 aaa.bbb.ccc.4 read

The only problem seems to be that you can only have one ip address
per community (you might be able to use aaa.bbb.ccc.0 and limit it
to just your local class C, but not sure).

This way I can snmpwalk/mrtg my alphas from just a few machines. If you
don't use snmp at all, you could just prevent it from starting up in
the first place:

    cd /sbin/rc3.d
    mv S49snmpd s49snmpd

and then kill off the running snmpd:

    /sbin/init.d/snmpd stop

Received on Mon Jan 31 2000 - 13:58:12 NZDT
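
The per-host community restriction described in the reply can be checked mechanically. The following is an added example, not part of the original thread: a POSIX shell function that audits `community <name> <address> <access>` lines. It assumes that 0.0.0.0 means any source address and that `write` is the read-write access keyword (neither is stated in the post); the function names and the sample file with 192.0.2.x addresses are constructed.

```shell
#!/bin/sh
# Audit "community <name> <address> <access>" lines in an snmpd.conf.
# Assumptions (not from the post): 0.0.0.0 means "any host" and "write"
# is the read-write access keyword. Reads the file in $1, or stdin.
audit_snmp_communities() {
    awk '
        $1 != "community" { next }      # skip comments and other directives
        NF < 4 {
            printf "line %d: MALFORMED community entry\n", NR
            bad = 1; next
        }
        {
            name = $2; addr = $3; access = $4
            if (addr == "0.0.0.0") {
                printf "line %d: OPEN %s answers any source address\n", NR, name
                bad = 1
            } else if (addr ~ /\.0$/) {
                # The reply is unsure whether a .0 address matches the subnet.
                printf "line %d: CHECK %s uses %s, subnet matching unconfirmed\n", NR, name, addr
                bad = 1
            }
            if (access == "write") {
                printf "line %d: WRITE %s allows set requests\n", NR, name
                bad = 1
            }
            if (name == "public" || name == "private") {
                printf "line %d: DEFAULT %s is a well-known community name\n", NR, name
                bad = 1
            }
        }
        END { exit bad + 0 }            # status 1 when anything was flagged
    ' "${1:--}"
}

# Constructed sample configuration (documentation addresses, not real hosts).
sample_conf() {
    cat <<'EOF'
# constructed example
community public 0.0.0.0 read
community comm1 192.0.2.1 read
community comm2 192.0.2.0 read
community private 192.0.2.9 write
EOF
}

# Demo run on the constructed sample; "|| true" keeps the script's status 0.
sample_conf | audit_snmp_communities || true
```

Run it against a real file with `audit_snmp_communities /etc/snmpd.conf`; an exit status of 1 means at least one entry was flagged.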