Yes, you are correct.
I was just trying to explain what must get into snmpd.conf file.
Of-course it is not at a good IDEA to put dictionary words for security.
They are more like passwords. :-)
Yeah, I would not suggest anyone to do it. I understand the
complexities of having poor, easily guessed name in the .conf.
But, that was just my example.
Cheers,
On Wed, Feb 16, 2011 at 10:43 PM, Dave Shield <d.t.shi...@liverpool.ac.uk>wrote:
> On 16 February 2011 17:03, Ashwin Kumar <ashwinkumar...@gmail.com> wrote:
> > Please add rocommunity and rwcommunity strings in your snmpd.conf.
> > It must look like
> > rocommunity public
> > rwcommunity private
>
> Please do *NOT* suggest configuring a read-write community of "private".
>
> If you must use SET with community-based versions of SNMP,
> then at the very least you should use a secret community name.
> (Though even this is open to packet sniffing).
> In general, if you are going to use SET requests, then you should
> be looking at SNMPv3.
>
> But using a "well known" community string for SET requests is just asking
> for trouble - akin to having user accounts with no password!
>
> This is a Very Bad Idea.
> Please do not do this, or suggest that anyone else does this either.
>
> Dave
>
--
-- Ashwin Kumar
+91-974-054-7793
------------------------------------------------------------------------------
The ultimate all-in-one performance toolkit: Intel(R) Parallel Studio XE:
Pinpoint memory and threading errors before they happen.
Find and fix more than 250 security defects in the development cycle.
Locate bottlenecks in serial and parallel code that limit performance.
http://p.sf.net/sfu/intel-dev2devfeb
_______________________________________________
Net-snmp-users mailing list
Net-snmp-users@lists.sourceforge.net
Please see the following page to unsubscribe or change other options:
https://lists.sourceforge.net/lists/listinfo/net-snmp-users
