Do you have a Windows Management Instrumentation client that will be accessing snmp information on this server?
________________________________________ From: Joe Heaton [EMAIL PROTECTED] Sent: Thursday, May 01, 2008 11:55 AM To: NT System Admin Issues Subject: RE: Network monitoring with SNMP Should I be installing the WMI SNMP Provider as well as the SNMP service on my servers? Joe Heaton -----Original Message----- From: Kurt Buff [mailto:[EMAIL PROTECTED] Sent: Wednesday, April 30, 2008 9:13 AM To: NT System Admin Issues Subject: Re: Network monitoring with SNMP I think you're in for a treat - mrtg, cacti, nagios and a host of other tools await, giving you all sorts of monitoring goodness. However, to be entirely clear, if you've got someone sniffing the wire, and you're using v1, even ridiculously long community strings won't help - it's all plain text. OTOH, if you never use private (i.e. read/write) strings, it might not be that big of a deal, though you can get an *awful* lot of information from SNMP under Windows. If you're limited to v1, and completely paranoid (and what proper sysadmin isn't?) you might be able to establish your SNMP over IPSec - I haven't tried that, but it seems doable. On 4/30/08, Joe Heaton <[EMAIL PROTECTED]> wrote: > Sorry Kurt, I've actually never implemented SNMP before (I know, > weird, > huh?) > > However, the logical part of my brain was screaming at me that it was > a DUH! type of question... > > > > > Joe Heaton > > -----Original Message----- > From: Kurt Buff [mailto:[EMAIL PROTECTED] > Sent: Tuesday, April 29, 2008 5:10 PM > To: NT System Admin Issues > Subject: Re: Network monitoring with SNMP > > On 4/29/08, Joe Heaton <[EMAIL PROTECTED]> wrote: > > > > You guys don't use the default community strings with SNMP do you? > > These should be changed to something unique, correct? > > Um, the only word that comes to mind here is "duh". > > Most implementations are still v1, which is completely plain text. > Next most common, from my limited reading, are v2c and then v3 - and > it's only with v3 that you get reasonable encryption, but staying away > from the defaults is still the only way to go. > > Kurt > > ~ Upgrade to Next Generation Antispam/Antivirus with Ninja! ~ > ~ <http://www.sunbelt-software.com/SunbeltMessagingNinja.cfm> ~ > > ~ Upgrade to Next Generation Antispam/Antivirus with Ninja! ~ > ~ <http://www.sunbelt-software.com/SunbeltMessagingNinja.cfm> ~ > ~ Upgrade to Next Generation Antispam/Antivirus with Ninja! ~ ~ <http://www.sunbelt-software.com/SunbeltMessagingNinja.cfm> ~ ~ Upgrade to Next Generation Antispam/Antivirus with Ninja! ~ ~ <http://www.sunbelt-software.com/SunbeltMessagingNinja.cfm> ~ ~ Upgrade to Next Generation Antispam/Antivirus with Ninja! ~ ~ <http://www.sunbelt-software.com/SunbeltMessagingNinja.cfm> ~
