BladeSystem - General
1748213 Members
2953 Online
108759 Solutions
New Discussion юеВ

Changing SNMP community strings on BL460 ILO 2

 
Jason Wyttenbach
New Member

Changing SNMP community strings on BL460 ILO 2

I understand that the community string sent from ILo can not be changed from 'COMPAQ', but can it be changed via ILo 2? If so, how?
5 REPLIES 5
David Claypool
Honored Contributor

Re: Changing SNMP community strings on BL460 ILO 2

iLO and iLO2 don't run an actual SNMP stack; they just have the ability to send SNMP traps for some limited set of events. Host-based trap receiver services (e.g. snmptrap.exe in Windows, snmptrapd in Linux) ignore the community string in the message, so for all practical purposes it's not necessary, but in order to be a properly-formatted SNMP message it's got to be there.

There's no real security implication either because even if someone were to sniff 'COMPAQ' on your wire, it doesn't allow them to turn around and try to exploit your iLOs because they don't have an SNMP stack.
Jason Wyttenbach
New Member

Re: Changing SNMP community strings on BL460 ILO 2

For network uniformity, we would like to be able to change it. Should I take this answer as no, it can't be modified?
David Claypool
Honored Contributor

Re: Changing SNMP community strings on BL460 ILO 2

No, it's not possible--iLO doesn't have an SNMP stack as noted above.
VTO
New Member

Re: Changing SNMP community strings on BL460 ILO 2

If it doesn't has the stack, why my nessus scanner found the remote SNMP port / server (the iLO ip) replies to the default community string: public ?

VTO
New Member

Re: Changing SNMP community strings on BL460 ILO 2

I figured it out. The string was replied from the host. In my case, it was the Windows 2008 R2 SNMP responded to the scanner. I was able to change the sting under SNMP service > Secuirty tab under Services.