[14286] in bugtraq
Re: snmp problems still alive...
daemon@ATHENA.MIT.EDU (Damir Rajnovic)
Wed Mar 15 00:08:44 2000
Mime-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Message-Id: <4.2.0.58.20000314071157.06c221a0@amsterdam.cisco.com>
Date: Tue, 14 Mar 2000 07:26:42 +0000
Reply-To: Damir Rajnovic <drajnovi@CISCO.COM>
From: Damir Rajnovic <drajnovi@CISCO.COM>
X-To: monti <monti@ushost.com>
To: BUGTRAQ@SECURITYFOCUS.COM
In-Reply-To: <Pine.BSF.3.96.1000313221509.24971D-100000@mournblade>
Hello Monti,
At 22:49 13/03/2000 -0600, monti wrote:
>Correct me if I'm wrong... but my impression was that a community
>string was *always* required for snmp to work on IOS. That is, *if* you
I can not comment on this since I am not an expert in SNMP but I will
raise this question with our people who are experts.
>The problem I've seen is that things like 'setup' and other front-ends
>have been known to create a default of 'public'/'private' (not to mention
>network administrators have come to belive that this is just a matter of
>convention and mimic it, although I dont know if Cisco can be blamed for
>that).
Hey! Thank's for that! It is nice when you are not guilty!
>If anyone knows of an equivalent to 'no snmp-server' for PIX, please
>share! I'm unaware of a way to completely disable snmp, and have
>had to live with simply assigning very very long random strings for the
>community in many implementations.
I do not know how to disable it completely but I will add this to
my list of things to do. While on the subject, I am collecting things
for which we need to have on/off switches (like 'no snmp-server')
so if you people from the list do have any wishes in that respect
send them to me. However, I will reject mails like 'we want all' so
please try to be specific and be aware that I will ask for reasons
why.
Cheers,
Gaus
==============
Damir Rajnovic <psirt@cisco.com>, PSIRT Incident Manager, Cisco Systems
<http://www.cisco.com/warp/public/707/sec_incident_response.shtml>
Phone: +44 7715 546 033
4 The Square, Stockley Park, Uxbridge, MIDDLESEX UB11 1BN, GB
==============
There is no insolvable problems. Question remains: can you
accept the solution?
