On Tue, 31 Oct 2006, Bjoern A. Zeeb wrote: BAZ>On Tue, 31 Oct 2006, Hartmut Brandt wrote: BAZ> BAZ>> harti 2006-10-31 10:23:28 UTC BAZ>> BAZ>> FreeBSD src repository BAZ>> BAZ>> Modified files: BAZ>> etc snmpd.config BAZ>> Log: BAZ>> Bind to INADDR_ANY in the default configuration. This makes bsnmpd(1) BAZ>> automatically work on multi-homed hosts and without explicite BAZ>> specification BAZ>> of the hostname in the config file. BAZ>> BAZ>> Submitted by: jmg BAZ>> BAZ>> Revision Changes Path BAZ>> 1.7 +1 -3 src/etc/snmpd.config BAZ> BAZ>haeh - I think what we (jmg, glebius and me) had agreed on on IRC was BAZ>default bind should be on 'localhost' with a commented out sample BAZ>for 0/0. And the bogus$(host) should be dropped.
Well, if you've agreed, then you should probably commit it. Locks ok for me too. BAZ>Binding to 0/0 by default just exposes bsnmpd to the world with a BAZ>default secret if blindly enabled which is not a too good idea(tm). Well, at least there is no write community set, so the amount of damage is limited. Also, normally SNMPv[12] should be firewalled. Of course, this does not help if you run SNMP on your firewall. In any case, go ahead and commit. harti _______________________________________________ [email protected] mailing list http://lists.freebsd.org/mailman/listinfo/cvs-all To unsubscribe, send any mail to "[EMAIL PROTECTED]"
