> It appears that on the above releases of AIX, the SNMP daemon is enabled > by default and two community names are enabled with read/write > privileges. > The community names are "private" and "system", but are only allowed > from localhost connections. Nevertheless, a local user may install an > SNMP client, and modify sensitive variables. > Since SNMP is UDP based, it is possible that you can spoof snmp set requests provided that: 1) There are no firewalls in between. 2) snmpd doesnt have any code to detect which interface an SNMP packet came in on (not likely). >From your output, it looks like the system community might be limited to a certain set of variables that it can read/write. (depending on what view name means) Dave G. <davegat_private> http://www.ksrt.org/~daveg http://www.ksrt.org
This archive was generated by hypermail 2b30 : Fri Apr 13 2001 - 15:35:48 PDT