Re: disable SNMP
This is a discussion on Re: disable SNMP within the SNMP Coders forums, part of the Networking and Network Related category; Pardon to the easily annoyed, but I'm tired of "admins" not bothering to read and understand the ...
|
|||||||
| FAQ | Members List | Calendar | Search | Today's Posts | Mark Forums Read |
05-31-2008
|
|||
|
|||
Re: disable SNMP
Pardon to the easily annoyed, but I'm tired of "admins" not bothering to
read and understand the relevent documentation before asking others to solve their problems. Popli, Manish wrote: > I am running solaris-10 with NET-SNMP version: 5.0.9. > > My securities scan showing the vulnerability ID 9386 for this snmp > (**SNMP default community name).** > > http://cve.mitre.org/cgi-bin/cvename...=CVE-1999-0517 > > Fix – Disable this community name, or password protect use of it or > disable snmp if not using. That CVE entry aplies to every implementaion of SNMP, not just NetSMNP. If you are stupid enough to leave the default communities, then stop pretending to be a system administrator. > I would like to disable/remove net-snmp from my box. I am already done > with stopping the services and removed a package but still scan showing > issue for SNMP. > > Here is the some information of my Box. > > root@XXX.com> uname -a > SunOS XXX.com 5.10 Generic_127128-11 i86pc i386 i86pc > root@XXX.com> /usr/sfw/sbin/snmpd -v > NET-SNMP version: 5.0.9 > Web: http://www.net-snmp.org/ > Email: net-snmp-coders@lists.sourceforge.net > <mailto:net-snmp-coders@lists.sourceforge.net> > root@XXX.com> ps -eaf |grep -i snmp > root 4344 1 0 11:02:32 ? 0:00 /usr/sfw/sbin/snmpd > root 4392 3600 0 11:44:11 pts/2 0:00 grep -i snmp You did stop all SNMP services before removing packages? > root@XXX.com> svcs -a |grep -i snmp > disabled May_20 svc:/application/management/snmpdx:default > root@XXX.com> pkginfo |grep -i snmp > system SUNWjsnmp Java SNMP API > > How to remove/disable net-snmp or any other solution to get rid of this > vulnerability? Change the default communities? Disable the startup scripts/srevices? Uninstall all the SNMP packages, not just NetSNMP? -- There's no point in being grown up if you can't be childish sometimes. -- Dr. Who ------------------------------------------------------------------------- This SF.net email is sponsored by: Microsoft Defy all challenges. Microsoft(R) Visual Studio 2008. http://clk.atdmt.com/MRT/go/vse0120000070mrt/direct/01/ _______________________________________________ Net-snmp-coders mailing list Net-snmp-coders@lists.sourceforge.net https://lists.sourceforge.net/lists/...et-snmp-coders 
|
|
06-04-2008
|
|||
|
|||
|
Re: disable SNMP
>>>>> On Sat, 31 May 2008 15:15:21 +1000, Andrew Hood <ajhood@fl.net.au> said:
AH> That CVE entry aplies to every implementaion of SNMP, not just NetSMNP. Actually, it doesn't apply to Net-SNMP. We do not turn on default communities. Now, some vendors that redistribute our package have turned on a default community (frequently "public" for the "system" tree). The base Net-SNMP package doesn't do this, nor do we recommend doing it. By default our agent spins up with a warning that says "you should configure me". -- Wes Hardaker Sparta, Inc. ------------------------------------------------------------------------- Check out the new SourceForge.net Marketplace. It's the best place to buy or sell services for just about anything Open Source. http://sourceforge.net/services/buy/index.php _______________________________________________ Net-snmp-coders mailing list Net-snmp-coders@lists.sourceforge.net https://lists.sourceforge.net/lists/...et-snmp-coders
|
Linear Mode
