HPE Community
Operating System - HP-UX
1837341 Members
3441 Online
110116 Solutions
New Discussion

Re: HPUX SNMP Security

 
SOLVED
Go to solution
Ranjith_5
Honored Contributor

‎10-10-2005 07:50 PM

‎10-10-2005 07:50 PM

HPUX SNMP Security

Hi Experts,

How to secure SNMP community name on an HPUX machine. Presently I understand that it is set as PUBLIC. Attacker can now use this public community name to access the system and change system information. I want to use a private community name. How to achieve this in HPUX?

Thanks in advance

Regards,
Syam
0 Kudos
7 REPLIES 7
Alex Lavrov.
Honored Contributor

‎10-10-2005 08:01 PM

‎10-10-2005 08:01 PM

Re: HPUX SNMP Security

Public community is read-only usually, so the properties cannot be changed with it. Here is a little explanation I found in Google, hope it will help a bit:

SNMP Communities
An SNMP community is the group that devices and management stations running SNMP belong to. It helps define where information is sent. The community name is used to identify the group. A SNMP device or agent may belong to more than one SNMP community. It will not respond to requests from management stations that do not belong to one of its communities. SNMP default communities are:

Write = private
Read = public
SNMP Security
SNMP should be protected from the internet with a firewall. Beyond the SNMP community structure, there is one trap that adds some security to SNMP.

Send Authentication Trap - When a device receives an authentication that fails, a trap is sent to a management station.
Other configuration parameters that affect security are:


Accepted Community Names - Only requests from computers in the list of community names will be accepted.
Accept SNMP Packets from Any Host - This is checked by default. Setting specific hosts will increase security.
Only Accept SNMP Packets from These Hosts - Only requests from hosts on the list of IP addresses are accepted. Use IP, or IPX address or host name to identify the host.
I don't give a damn for a man that can only spell a word one way. (M. Twain)
0 Kudos
Derek Whigham_1
Trusted Contributor

‎10-10-2005 08:15 PM

‎10-10-2005 08:15 PM

Solution

Re: HPUX SNMP Security

By changing the file /etc/snmpd.conf to contain the line "set-community-name: Secret"

The restart the snmpd , If you don't really need snmp I would stop the services from running. Nessus always returns a high security warning against the HP-UX snmpd

Hope this helps
Divide and Conquer
0 Kudos
Ranjith_5
Honored Contributor

‎10-10-2005 08:27 PM

‎10-10-2005 08:27 PM

Re: HPUX SNMP Security

Hi Derek Whigham,

Thanks a million..Thanks to Alex also for your tips.

Regards,
Syam
0 Kudos
Ranjith_5
Honored Contributor

‎10-10-2005 08:41 PM

‎10-10-2005 08:41 PM

Re: HPUX SNMP Security

What will happen if I set the value to private? Is this less secureed than secret?

Regards,
Syam
0 Kudos
Alex Lavrov.
Honored Contributor

‎10-10-2005 09:46 PM

‎10-10-2005 09:46 PM

Re: HPUX SNMP Security

"A community name is a plain-text password mechanism that is used to weakly authenticate queries to agents of managed network devices."

Generally it's not advised to use public/private/secret strings for the community names, since they are too obvious. Come up with your own strings and change them frequently, like the password.

Alex.
I don't give a damn for a man that can only spell a word one way. (M. Twain)
0 Kudos
Ranjith_5
Honored Contributor

‎10-10-2005 10:07 PM

‎10-10-2005 10:07 PM

Re: HPUX SNMP Security

Hi Alex,

Thanks for the info.

Regards,
Syam
0 Kudos
Ranjith_5
Honored Contributor

‎10-10-2005 10:08 PM

‎10-10-2005 10:08 PM

Re: HPUX SNMP Security

thanks for all who replied.
0 Kudos
The opinions expressed above are the personal opinions of the authors, not of Hewlett Packard Enterprise. By using this site, you accept the Terms of Use and Rules of Participation.