- Community Home
- >
- Servers and Operating Systems
- >
- Operating Systems
- >
- Operating System - HP-UX
- >
- do I need to run SNMP?
Operating System - HP-UX
1752083
Members
5330
Online
108784
Solutions
Forums
Categories
Company
Local Language
юдл
back
Forums
Discussions
Forums
- Data Protection and Retention
- Entry Storage Systems
- Legacy
- Midrange and Enterprise Storage
- Storage Networking
- HPE Nimble Storage
Discussions
Discussions
Discussions
Forums
Forums
Discussions
юдл
back
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
- BladeSystem Infrastructure and Application Solutions
- Appliance Servers
- Alpha Servers
- BackOffice Products
- Internet Products
- HPE 9000 and HPE e3000 Servers
- Networking
- Netservers
- Secure OS Software for Linux
- Server Management (Insight Manager 7)
- Windows Server 2003
- Operating System - Tru64 Unix
- ProLiant Deployment and Provisioning
- Linux-Based Community / Regional
- Microsoft System Center Integration
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Blogs
Information
Community
Resources
Community Language
Language
Forums
Blogs
Go to solution
Topic Options
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark
- Subscribe
- Printer Friendly Page
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО01-05-2001 01:43 PM
тАО01-05-2001 01:43 PM
My system is running SNMP. It has been pointed out that there is a security risk because there is no community name specified in the conf file. What would I put there?
How do I find out if even need to run snmp? What does it actually do?
How do I find out if even need to run snmp? What does it actually do?
Solved! Go to Solution.
3 REPLIES 3
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО01-05-2001 01:56 PM
тАО01-05-2001 01:56 PM
Re: do I need to run SNMP?
Unless you are monitoring/managing your system via something akin to HP OpenView NNM, there is generally no need to be running the SNMP daemons.
SNMP stands for Simple Network Management Protocol. Very simply put -- it is a protocol designed to allow you to monitor and manage networked devices from remote locations.
There is quite a bit more to it than just that, but there are plenty of books on the subject which can provide more and better details than I can.
SNMP stands for Simple Network Management Protocol. Very simply put -- it is a protocol designed to allow you to monitor and manage networked devices from remote locations.
There is quite a bit more to it than just that, but there are plenty of books on the subject which can provide more and better details than I can.
Remember, wherever you go, there you are...
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО01-05-2001 03:48 PM
тАО01-05-2001 03:48 PM
Solution
Hi,
snmpd is most useful in performance monitoring and alerts. Even without HP Openview NNM, you can still make use of third party snmp commands such as snmpget and snmpwalk to query OS statistics within HP-UX MIB from a remote monitoring system. OS statistics in HP-UX MIB include CPU load, available free swap, available free memory, number of current ESTABLISHED TCP connections and number of concurrent processes. You can also retrieve other OS information such as the list of VGs, LVs, bdf and ps information as well from the MIB.
For graphical representations, you can make use of MRTG which allows you to plot cumulative daily, weekly, monthly and yearly graphs over the web.
For alerts, you can interface snmpget with scripts to email or page alert you when a threshold has been exceeded.
Because SNMP uses UDP, it does not need to establish a TCP connection just for the periodical (such as by cron) statistical collection. This minimises any performance impact it has with a normal TCP connection such as with SCP in comparison.
There are two major security concerns. It is a security concern if you allow the private MIB values to be accessed and over-written. By default, private MIBs are not writeable. The other major security concern lies with your PUBLIC community string. To prevent information collection (especially with regards to the exact processes running on your system) from unauthorized users over the network (which aids them in discovering any potential vulnerabilities in your system), you should modify your PUBLIC community string to a more secure and non-guessable name instead of just simply public.
SNMP traps is another area you can explore. They allow alerts to be triggered based on specific conditions without the need for periodic probing. However, they are harder to define.
Hope this helps. Regards.
Steven Sim
Brainbench MVP for Unix Admin
http://www.brainbench.com
snmpd is most useful in performance monitoring and alerts. Even without HP Openview NNM, you can still make use of third party snmp commands such as snmpget and snmpwalk to query OS statistics within HP-UX MIB from a remote monitoring system. OS statistics in HP-UX MIB include CPU load, available free swap, available free memory, number of current ESTABLISHED TCP connections and number of concurrent processes. You can also retrieve other OS information such as the list of VGs, LVs, bdf and ps information as well from the MIB.
For graphical representations, you can make use of MRTG which allows you to plot cumulative daily, weekly, monthly and yearly graphs over the web.
For alerts, you can interface snmpget with scripts to email or page alert you when a threshold has been exceeded.
Because SNMP uses UDP, it does not need to establish a TCP connection just for the periodical (such as by cron) statistical collection. This minimises any performance impact it has with a normal TCP connection such as with SCP in comparison.
There are two major security concerns. It is a security concern if you allow the private MIB values to be accessed and over-written. By default, private MIBs are not writeable. The other major security concern lies with your PUBLIC community string. To prevent information collection (especially with regards to the exact processes running on your system) from unauthorized users over the network (which aids them in discovering any potential vulnerabilities in your system), you should modify your PUBLIC community string to a more secure and non-guessable name instead of just simply public.
SNMP traps is another area you can explore. They allow alerts to be triggered based on specific conditions without the need for periodic probing. However, they are harder to define.
Hope this helps. Regards.
Steven Sim
Brainbench MVP for Unix Admin
http://www.brainbench.com
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО01-10-2001 01:43 PM
тАО01-10-2001 01:43 PM
Re: do I need to run SNMP?
I was using MRTG with HPUX 10.2 a few months ago. Then I upgraded to HPUX 11.0, and the machine no longer responds to the snmp requests. I have checked the config file and still no luck. Any ideas?
The opinions expressed above are the personal opinions of the authors, not of Hewlett Packard Enterprise. By using this site, you accept the Terms of Use and Rules of Participation.
News and Events
Support
© Copyright 2024 Hewlett Packard Enterprise Development LP