Re: SNMP community strings

From: Dave Pimlott (newsgroups@SPAMFILTERdavepimlott.info)
Date: 05/27/02 

Date: Mon, 27 May 2002 09:56:38 +0000
From: Dave Pimlott <newsgroups@SPAMFILTERdavepimlott.info>

Nick Krontiris wrote:
>
> After that, I restarted then snmp daemon and run a snmp query on the
> machine using a command line from a linux box, querying the "public"
> community strings, as well as from a windows machine running
> solarwinds. The answer came back normally, just like before. Then, I
> queried again using the new community strings, but no answer came back
> meaning that the new queries did not use the community strings I had
> set, but the default public ones.
> I thought that maybe there were more daemons running that involve
> snmp, so I rebooted the unix box.
> To my surprise, my manual query from my linux box as well as
> solarwinds replied once more that the community strings were set to
> "public".
> So I guess the answer to your question is that I restarted the daemon,
> and after I saw that this did not work, I rebooted the machine...

Cool, that should have worked... what I didn't want to say in my first
post was - "did you restart the SNMP daemon" because some might take
offense at such an elementary suggestion...

I only have experience of the UCD SNMP implementation on Solaris, but
here goes with some generic ideas:
- search for all files with snmp in them, I would use "find / -print |
grep snmp" you might have a better solution. Check for conf files in
places you haven't modified.
- you might have been on the right track with your idea about multiple
daemons, try "ps -ef | grep snmp" (for SysV style unix) or "ps ax | grep
snmp" (for BSD style).
- for SysV unices check the init scripts to see if the conf file is hard
coded.
- check the man page for other / default conf files?!?

Hope this helps...

Dave.

Relevant Pages

  • Re: SNMP community strings
    ... I restarted then snmp daemon and run a snmp query on the ... > queried again using the new community strings, ... post was - "did you restart the SNMP daemon" because some might take ...
    (comp.security.unix)
  • SUMMARY: SNMP question
    ... Thank you all for the quick and very informative responses. ... What you sort of did was prevent any public read access of any SNMP ... community string by default, this is an easy thing for a cracker to check. ... query the SNMP daemon, but the risk is much lower. ...
    (Tru64-UNIX-Managers)
  • Re: SNMP community strings
    ... I restarted then snmp daemon and run a snmp query on the ... as well as from a windows machine running ... >> queried again using the new community strings, ... >> So I guess the answer to your question is that I restarted the daemon, ...
    (comp.security.unix)
  • Re: SNMP community strings
    ... I restarted then snmp daemon and run a snmp query on the ... as well as from a windows machine running ... >> queried again using the new community strings, ... >> So I guess the answer to your question is that I restarted the daemon, ...
    (comp.security.unix)
  • Re: SNMP community strings
    ... >> I'm stuck trying to change the snmp community strings on a unix box. ... So I guess the answer to your question is that I restarted the daemon, ...
    (comp.security.unix)