cancel
Showing results for 
Search instead for 
Did you mean: 

SNMP issue

prasathc_2
Occasional Advisor

SNMP issue

Hi All,

I want to get your valuable advice with respect to SNMP agent, as we got recommendation from our audit group that we need to do the following

1) Change default and easy to guess SNMP community names on all systems.
2) - Develop procedures for deploying new systems. The procedures should contain checklists of services that can
be disabled and best practices regarding the configuration of services that need to be enabled.

The deamon is running as below

Host1:>/sbin/rc2.d# ps -aef | grep -i snmpd
root 1289 1 0 Nov 2 ? 0:00 /usr/sbin/snmpdm
root 3988 798 0 12:32:16 pts/3 0:00 grep -i snmpd

and also in the /etc/snmpd.conf -> /etc/SnmpAgent.d/snmpd.conf
the one is enabled.

get-community-name: public
#set-community-name: # enter community name
#contact: # enter contact person for agent
#location: # enter location of agent
#max-trap-dest: # enter max no. of trap-dest entries to be maintained.
#trap-dest: # enter trap destination

And also I would like to know what are all the applications are accessing this SNMP, and what issues will I face If I comment SNMP (or) remove SNMP.

But I’m really new to SNMP configuration. Not sure how to proceed, could anyone guide me in this regards.

Thanks
Prasath C
3 REPLIES
Steven E. Protter
Exalted Contributor

Re: SNMP issue

Shalom,

You should change the public community name so people can not guess it.

Then test it with tools like snmpwalk

SEP
Steven E Protter
Owner of ISN Corporation
http://isnamerica.com
http://hpuxconsulting.com
Sponsor: http://hpux.ws
Twitter: http://twitter.com/hpuxlinux
Founder http://newdatacloud.com
Tim Nelson
Honored Contributor

Re: SNMP issue

Let's skip to question 2 first.

do you use snmp ? if not disable it with all the other services that you do not use.

prasathc_2
Occasional Advisor

Re: SNMP issue

Thx Steve for your reply. I would like to get more details on this.

If I change the community name what will be the impact.

1) Pls let me know the syntax of snmpwalk

2) And how to change, shall I use the below syntax
get-community-name: 0green4u IP=xxx.xxx.xxx.xxx
set-community-name: 0yellow4you IP=xxx.xxx.xxx.xxx

3) Pls tell me how to check what are all the applications are using SNMP. I guess some other applicatoin is using SNMP.

Thanks in Advance
Prasath C