But, what about SNMPv3? If the default password is defined in snmp.conf, won't
the external request get the default password and hence they don't need to give
one. Making it trivial to access the box without a password of their own? Is
this a security threat?
Thanks for your time.
> Date: Fri, 28 Aug 2009 08:23:34 +0100
> Subject: Re: snmp.conf defaults Vs. Security
> From: [email protected]
> To: [email protected]
> CC: [email protected]
>
> 2009/8/28 Samer Vazdekis <[email protected]>:
> > would external snmp requests make
> > it's way to the device without verification of community name or security
> > credentials because they are already defined as defaults in snmp.conf?
>
> It makes absolutely no different whether the community string is
> specified on the command line ("-c xyz") or in the client configuration
> file ("defCommunity xyz")
>
> The request that is sent to the agent will look the same in both cases,
> and the agent will validate it in exactly the same way.
>
> Dave
_________________________________________________________________
Send and receive email from all of your webmail accounts.
http://go.microsoft.com/?linkid=9671356------------------------------------------------------------------------------
Let Crystal Reports handle the reporting - Free Crystal Reports 2008 30-Day
trial. Simplify your report design, integration and deployment - and focus on
what you do best, core application coding. Discover what's new with
Crystal Reports now. http://p.sf.net/sfu/bobj-july
_______________________________________________
Net-snmp-users mailing list
[email protected]
Please see the following page to unsubscribe or change other options:
https://lists.sourceforge.net/lists/listinfo/net-snmp-users
