1748040 Members
4937 Online
108757 Solutions
New Discussion юеВ

do I need to run SNMP?

 
SOLVED
Go to solution
Dave Chamberlin
Trusted Contributor

do I need to run SNMP?

My system is running SNMP. It has been pointed out that there is a security risk because there is no community name specified in the conf file. What would I put there?
How do I find out if even need to run snmp? What does it actually do?
3 REPLIES 3
James A. Donovan
Honored Contributor

Re: do I need to run SNMP?

Unless you are monitoring/managing your system via something akin to HP OpenView NNM, there is generally no need to be running the SNMP daemons.

SNMP stands for Simple Network Management Protocol. Very simply put -- it is a protocol designed to allow you to monitor and manage networked devices from remote locations.

There is quite a bit more to it than just that, but there are plenty of books on the subject which can provide more and better details than I can.
Remember, wherever you go, there you are...
Steven Sim Kok Leong
Honored Contributor
Solution

Re: do I need to run SNMP?

Hi,

snmpd is most useful in performance monitoring and alerts. Even without HP Openview NNM, you can still make use of third party snmp commands such as snmpget and snmpwalk to query OS statistics within HP-UX MIB from a remote monitoring system. OS statistics in HP-UX MIB include CPU load, available free swap, available free memory, number of current ESTABLISHED TCP connections and number of concurrent processes. You can also retrieve other OS information such as the list of VGs, LVs, bdf and ps information as well from the MIB.

For graphical representations, you can make use of MRTG which allows you to plot cumulative daily, weekly, monthly and yearly graphs over the web.

For alerts, you can interface snmpget with scripts to email or page alert you when a threshold has been exceeded.

Because SNMP uses UDP, it does not need to establish a TCP connection just for the periodical (such as by cron) statistical collection. This minimises any performance impact it has with a normal TCP connection such as with SCP in comparison.

There are two major security concerns. It is a security concern if you allow the private MIB values to be accessed and over-written. By default, private MIBs are not writeable. The other major security concern lies with your PUBLIC community string. To prevent information collection (especially with regards to the exact processes running on your system) from unauthorized users over the network (which aids them in discovering any potential vulnerabilities in your system), you should modify your PUBLIC community string to a more secure and non-guessable name instead of just simply public.

SNMP traps is another area you can explore. They allow alerts to be triggered based on specific conditions without the need for periodic probing. However, they are harder to define.

Hope this helps. Regards.

Steven Sim
Brainbench MVP for Unix Admin
http://www.brainbench.com
Brian LaValley
New Member

Re: do I need to run SNMP?

I was using MRTG with HPUX 10.2 a few months ago. Then I upgraded to HPUX 11.0, and the machine no longer responds to the snmp requests. I have checked the config file and still no luck. Any ideas?