AIX SNMP Defaults

From: harikiri (harikiriat_private)
Date: Tue Feb 15 2000 - 16:58:06 PST

Next message: Bennett Todd: "Re: DDOS Attack Mitigation"

Previous message: Andrzej Bialecki: "Re: Packet Tracing (linux klog patch)"
Next in thread: Troy Bollinger: "Re: AIX SNMP Defaults"
Reply: Troy Bollinger: "Re: AIX SNMP Defaults"
Reply: Michal Zalewski: "Re: AIX SNMP Defaults"
Reply: Troy Bollinger: "Re: AIX SNMP Defaults"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Following on from Michael Zalewski's recent SNMP post, here's an issue i
noted on two AIX systems.

NOTE: This was seen on both AIX 4.3 and 4.2.

It appears that on the above releases of AIX, the SNMP daemon is enabled
by default and two community names are enabled with read/write privileges.
The community names are "private" and "system", but are only allowed from
localhost connections. Nevertheless, a local user may install an SNMP
client, and modify sensitive variables.

Excerpt from /etc/snmpd.conf:

	<snip>

	# 2. Set the community names and access privileges for hosts that can make
	#    requests of this snmpd agent.  Define these restrictions as follows:
	#
	#       community  <name>  <address>  <netmask>  <permissions> <view name>

	<snip>

	community       public
	community       private 127.0.0.1 255.255.255.255 readWrite
	community       system  127.0.0.1 255.255.255.255 readWrite 1.17.2

harikiri

Next message: Bennett Todd: "Re: DDOS Attack Mitigation"
Previous message: Andrzej Bialecki: "Re: Packet Tracing (linux klog patch)"
Next in thread: Troy Bollinger: "Re: AIX SNMP Defaults"
Reply: Troy Bollinger: "Re: AIX SNMP Defaults"
Reply: Michal Zalewski: "Re: AIX SNMP Defaults"
Reply: Troy Bollinger: "Re: AIX SNMP Defaults"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

This archive was generated by hypermail 2b30 : Fri Apr 13 2001 - 15:35:11 PDT