2009/8/28 Samer Vazdekis <[email protected]>: > But, what about SNMPv3? If the default password is defined in snmp.conf, > won't the external request get the default password and hence they don't > need to give one. Making it trivial to access the box without a password of > their own? Is this a security threat?
Only if you put the defPassword entry in the system-wide snmp.conf. It would be more usual to configure this (and probably the other default client settings) in a personal $HOME/.snmp/snmp.conf file. But yes - there is definitely a trade-off between security and convenience here. If you regard the risks of having pre-configured passwords as being too great, then the obvious answer is not to use them. It's your choice. Dave ------------------------------------------------------------------------------ Let Crystal Reports handle the reporting - Free Crystal Reports 2008 30-Day trial. Simplify your report design, integration and deployment - and focus on what you do best, core application coding. Discover what's new with Crystal Reports now. http://p.sf.net/sfu/bobj-july _______________________________________________ Net-snmp-users mailing list [email protected] Please see the following page to unsubscribe or change other options: https://lists.sourceforge.net/lists/listinfo/net-snmp-users
