HPE Community
Operating System - HP-UX
1825771 Members
2018 Online
109687 Solutions
New Discussion

Re: SNMP upgrade

 
José Enrique González
Frequent Advisor

‎03-23-2004 07:40 AM

‎03-23-2004 07:40 AM

SNMP upgrade

Hi:

Security Admin's have reported us a server (HP-UX 11.11) running on snmpv1 (OVSnmpAgent installed), with a pottential risk of attacks. I have installed the upgrade patch for snmp (PHSS_27858, consolidated) as indicated by the CERT Advisory, then stopped and started service. However, audit still reports server running on snmpv1. Anything else should be done? What could be missing? Thanks a lot in advance for your comments.
0 Kudos
Reply
2 REPLIES 2
Mourad Derriche
Occasional Advisor

‎03-24-2004 01:17 AM

‎03-24-2004 01:17 AM

Re: SNMP upgrade

The HP-UX standard SNMP daemon supports both SNMP v1 and v2.

The patch does not _upgrade_ the snmp implementation, but patches it.

I dont know why your audit program only reports it as snmpv1, but you would be able to verify it, by using a simple program to walk the snmp tree to get the version.
Read between the lines...
0 Kudos
Reply
KLoeff
Frequent Advisor

‎03-24-2004 09:51 AM

‎03-24-2004 09:51 AM

Re: SNMP upgrade

If you put Emanate patch 27858 you must be on OVSNMPAgent 14.2, I have upgraded to OVSNMPAgent 15.3 and when I run the security patch check it still wants me to put on 14.2 patch 27858, HP response was this:

The problem is HPUX SD revision tags for this new product with a 15.3 level of S
NMP have NOT changed from pre 15.3 release.
The fix for 11.x systems. The revision number is changed from B.11.11 to B.11.2
3.01 in NNM 7.01 release when it upgrades the SNMP Agent to 15.3.1.0 along with
NNM 7.01.

If you are on NNM 6.X / VPO 6.X the only fix is to upgrade NNM to 7.X or ignore the patch recommendation from the security check script which is what I am doing.

Kevin

0 Kudos
Reply
The opinions expressed above are the personal opinions of the authors, not of Hewlett Packard Enterprise. By using this site, you accept the Terms of Use and Rules of Participation.