Oracle FAQ Your Portal to the Oracle Knowledge Grid
HOME | ASK QUESTION | ADD INFO | SEARCH | E-MAIL US
 

Home -> Community -> Usenet -> c.d.o.server -> snmp security question

snmp security question

From: Michael Norbert <michaelnorbert_at_hotmail.com>
Date: 12 Mar 2002 09:35:29 -0800
Message-ID: <c2880966.0203120935.2a51b734@posting.google.com> 





Hello 
 


Corporate security just sent me this, I'm wondering if someone can
shed some light for me. I don't have the dbsnmp sub agent running on
any of my machines, but it looks like I need to do more.
 


thanks


mike


michaelnorbert_at_hotmail.com
 


> A brief security review of system xxx.xxx.xxx.xx indicates that you have

> a poorly configured SNMP service:

>

> ====================================

> SNMP Checks

> --------------------------------------------------------------------------





> The following 1 community names were found, and have read access :

> public

>

> The following writeable communities were found:

> public

>

> The MIB2 mib is present.

>

> System description: HP-UX xxxxx B.11.00 U 9000/800

> System contact:

> System name: xxxxx

> System location:

> ====================================

>

> Many systems have SNMP enabled by a default install.

> If you do not require SNMP - you should disable it.

> If you do require SNMP - you must secure it properly, including not

> having "public" as the password.

>

> Since you are seeking SSH access, I will grant your request, however,

> someone should be looking into the SNMP service.

Received on Tue Mar 12 2002 - 11:35:29 CST












Original text of this message













  HOME |
  ASK QUESTION |
  ADD INFO |
  SEARCH |
  E-MAIL US