HPE Community
Operating System - HP-UX
1753842 Members
8948 Online
108806 Solutions
New Discussion юеВ

Re: How to configure snmp

 
SOLVED
Go to solution
Christian Marquardt_1
Regular Advisor

тАО07-19-2005 04:15 PM

тАО07-19-2005 04:15 PM

How to configure snmp

Hello,
I need to know how to configure the snmp service in hp/ux.
Is there any configuration file?

regards
Christian
0 Kudos
Reply
3 REPLIES 3
Donald Kok
Respected Contributor

тАО07-19-2005 04:18 PM

тАО07-19-2005 04:18 PM

Solution

Re: How to configure snmp

Hi Christian,
the config file is in /etc/snmpd.conf
Greetzz
Donald
My systems are 100% Murphy Compliant. Guaranteed!!!
Reply
Mahesh Kumar Malik
Honored Contributor

тАО07-19-2005 10:15 PM

тАО07-19-2005 10:15 PM

Re: How to configure snmp

Hi Christian

Following file needs to be edited
/etc/snmpd.conf


SNMP in hp-ux has limited functionality.If you plan to use SNMP in full,please download net-snmp from freeware

Regards
Mahesh
Reply
Bill Alger
Occasional Advisor

тАО07-28-2005 02:23 AM

тАО07-28-2005 02:23 AM

Re: How to configure snmp

Christian,
I wanted to let you know:
SNMP has many tools that can allow a hacker to build attacks on your systems. If possable I would recommend not using snmp and disabling it. ISS, NESSUS, CERT.ORG and others have many vulnerabilities abount SNMP

Here are my recommendations to do this:
cd /sbin/rc2.d
./S560SnmpMaster stop
mv S560SnmpMaster s560SnmpMaster
./S565SnmpHpunix stop
mv S565SnmpHpunix s565SnmpHpunix
./S565SnmpMib2 stop
mv S565SnmpMib2 s565SnmpMib2
cd /sbin/rc1.d
mv K440SnmpMaster k440SnmpMaster
mv K435SnmpHpunix k435SnmpHpunix
mv K435SnmpMib2 k435SnmpMib2

Remove the execute permissions from /usr/sbin/snmpd and /usr/sbin/snmpdm

cd /etc/rc.config.d
modify SnmpMaster for the following entry:
SNMP_MASTER_START=0 # Start the master SNMP agent.
Modify SnmpHpunix for the following entry:
SNMP_HPUNIX_START=0 # Start the hp-unix MIB SNMP subAgent by default.
Modify SnmpMib2 for the following entry:
SNMP_MIB2_START=0 # Start the MIB2 SNMP subAgent.

If you can not disable SNMP, you can make it more secure.
Edit the /etc/SnmpAgent.d/snmpd.conf file and change the following section in red:
Old:
set-community-name: public
get-community-name: public
New:
set-community-name: Othername
get-community-name: Othername

Othername is a name you decide on. This name should be on all the same systems with a need to communicate via snmp on your network.
It is also recommended to change the login banner to something generic. You should be able to use the snmpd command with the ├в -sysDescr ├в or ├в :-sys ├в options to change it.

I hope this helps.
Reply
The opinions expressed above are the personal opinions of the authors, not of Hewlett Packard Enterprise. By using this site, you accept the Terms of Use and Rules of Participation.