Mike Ayers wrote: >> From: [EMAIL PROTECTED] >> [mailto:[EMAIL PROTECTED] On >> Behalf Of Davin >> Sent: Monday, January 14, 2008 10:59 AM > >> I'd >> stick with >> 2c unless you have a real reason to use 1, and I don't belief this >> qualifies. > > I don't know why you'd say this. Almost anything which supports SNMP > supports SNMPv1, and many don't support anything else. SNMPv2c, on the other > hand, is a well supported myth. For read-only SNMP, a v1 community named > "public" is the de facto standard. You should not support community based > writing unless the customer demands it, as it is insecure. >
I did not say that she should enable a rwcommunity, and I should have worded that as "I wouldn't disable v2c unless you have a reason to only use v1". The point I was trying to make was that the IP address based ACLing can be utilized with both v1 and v2c, and allowing 2c allows for certain desirable features such as bulkwalks. Disabling v1 alongside 2c is a bad idea, and enabling rwcommunities is a worse one. >> It is worth mentioning that USM and VACM, which are only available in >> v3, > > In net-snmp, VACM works on communities as well as users. > > Correct. I recalled that USM manipulation only worked with v3 using the snmpusm command, but mistakenly lumped VACM into the same category. Thanks. -Davin ------------------------------------------------------------------------- Check out the new SourceForge.net Marketplace. It's the best place to buy or sell services for just about anything Open Source. http://ad.doubleclick.net/clk;164216239;13503038;w?http://sf.net/marketplace _______________________________________________ Net-snmp-users mailing list [email protected] Please see the following page to unsubscribe or change other options: https://lists.sourceforge.net/lists/listinfo/net-snmp-users
