Package: snmpd
Version: 5.1.2-6
Severity: wishlist

Hello,
  It's often a good idea to make things listen to fewer open ports by
default, then allow the administrator to open things up if required.

So I have two suggestions.

The first is to get snmpd to listen to the local port only.
Changing the line
SNMPDOPTS=......
so at the end it has 127.0.0.1 would mean it only listens on that
interface.

The other suggestion is to disable smux by default (but still allow it
to be enabled).  Again it is the SNMPDOPTS line but you just put
-I -smux

So my entire line is:
SNMPDOPTS='-I -smux -Lsd -Lf /dev/null -p /var/run/snmpd.pid 127.0.0.1'

This stops this mysterious port 199 appearing.  Yes I know smux can be
useful (if you run gated, zebra or quagga for example) but for a lot 
of people it is just one more attack vector for someone evil.

I couldn't see a way of making smux listen to localhost only, which
seemed really strange considering it is only a local thing most of the
time anyway.

  - Craig


-- System Information:
Debian Release: 3.1
  APT prefers unstable
  APT policy: (500, 'unstable')
Architecture: i386 (i686)
Kernel: Linux 2.6.3-1-386
Locale: LANG=en_AU, LC_CTYPE=en_AU (charmap=ISO-8859-1)

Versions of packages snmpd depends on:
ii  libc6                       2.3.2.ds1-18 GNU C Library: Shared libraries an
ii  libsensors3                 2.8.8-7      Library to read temperature/voltag
ii  libsnmp5                    5.1.2-6      NET SNMP (Simple Network Managemen
ii  libwrap0                    7.6.dbs-6    Wietse Venema's TCP wrappers libra

-- no debconf information
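
A check for the two settings proposed in the report above, as an added example that is not part of the original report or of the snmpd package: it inspects an SNMPDOPTS value for `-I -smux` and for a loopback address as the last argument. The function names and the second sample line are constructed, and it assumes a single listening address at the end of the line, as in the report.

```shell
#!/bin/sh
# Added example, not from the report: audit an SNMPDOPTS value for the two
# settings it proposes. Function names are hypothetical.

# True if "-I" is followed by an exclusion list ("-a,b,c") that names smux.
# Only the separated form used in the report ("-I -smux") is recognised.
smux_disabled() (
    set -f                      # no glob expansion while word-splitting $1
    prev=
    for tok in $1; do
        if [ "$prev" = "-I" ]; then
            case $tok in
                -*) case ",${tok#-}," in *,smux,*) exit 0 ;; esac ;;
            esac
        fi
        prev=$tok
    done
    exit 1
)

# True if the last argument is a loopback listening address, optionally
# written as udp:ADDR, tcp:ADDR or ADDR:PORT.
last_arg_is_loopback() (
    set -f
    last=
    for tok in $1; do last=$tok; done
    last=${last#udp:}; last=${last#tcp:}
    host=${last%%:*}
    case $host in
        localhost)   exit 0 ;;
        *[!0-9.]*)   exit 1 ;;   # not a dotted quad, e.g. a pid file path
        127.*.*.*)   exit 0 ;;
    esac
    exit 1
)

audit_snmpdopts() {
    rc=0
    if smux_disabled "$1"; then echo "OK   smux not initialised"
    else echo "WARN smux enabled (port 199 will be open)"; rc=1; fi
    if last_arg_is_loopback "$1"; then echo "OK   last argument is a loopback address"
    else echo "WARN last argument is not a loopback address"; rc=1; fi
    return $rc
}

HARDENED='-I -smux -Lsd -Lf /dev/null -p /var/run/snmpd.pid 127.0.0.1'  # from the report
UNCHANGED='-Lsd -Lf /dev/null -p /var/run/snmpd.pid'   # constructed: neither change
audit_snmpdopts "$HARDENED"
audit_snmpdopts "$UNCHANGED" || true
```

Confirm the result on a running system by listing the sockets the agent actually has open, since the option line only shows what was requested.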

