Re: Win2k SNMP Traffic
On Jan 27, 2:53pm, Deepak Sharma wrote: } } [gibberish snipped] } } So is there any way i can block SNMP traffic on win2k professional from } the routers..cause i still wanna see the pdc and bdc's.but this } is not too important...I just REALLY need to stop those win2k machines } from appearing on network neighborhood } } Deepak Sharma } MSCE CCNA ACT A+ } Ceridian Canada Ltd. Thanks for devaluing these certifications. Remind me never to hire you for anything, since it is extremely obvious that you are only paper certified. HINT: SNMP has absolutely nothing to do with network neighbourhood. If you had actually earned those certifications you would know that. }-- End of excerpt from Deepak Sharma **NOTE: New CCNA/CCDA List has been formed. For more information go to http://www.groupstudy.com/list/Associate-Announcement.html _ UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html FAQ, list archives, and subscription info: http://www.groupstudy.com Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Win2k SNMP Traffic
First off, I admit that I have little knowledge of Win2k. I installed the trial edition that came with Technet, played around with it for a little, and haven't messed with it since. My organization is still with NT 4.0, and we aren't migrating for a while. But: You say you have PDCs and BDCs, so I'm assuming that you've added the Win2K machines to the domain. (Then again, you also said you wanted Win9x from Dell, so I'm not sure) In my quick tests with Win2k, I remember that Win2k machines responded to Server Manager (Showed up as NT 5.0). If the RPC is still left as default, and you haven't forced Kerebros authentication, the solution is simple. From Server Manager on an NT 4.0 server, highlight the Win2K machine. Go to File -- Services. (Double clicking on the Win2k machine won't do it) Stop the SNMP Service, and change the start-up to disabled. All done. If the Win2k machines aren't on an NT domain, but you have the administrative passwords, it can still be done, but it's trickier. The Win2k resource kit might have a few tools that would be useful, too. Hope it helps, Joel Studtmann MCSE, MCP+I A+, Network+ CCNA, CCDA - Original Message - From: "Deepak Sharma" [EMAIL PROTECTED] To: "cisco" [EMAIL PROTECTED] Sent: Thursday, September 07, 2000 5:17 AM Subject: Win2k SNMP Traffic Ok here's the scenario. Multiple branch offices,( LAN, WAN slowest 56k and fastest oc3) and cisco routers from 1900's to 3600's ) PDC, and a whole lota BDC's. NT 4.0 PDC and BDCs; still wanna see the those computers when I go into network neighbor hood. BT.Dell is now shipping all there new Pc's with win2k professional, and refuse to go back to win9x for me. (( ba*tards))this causes me to have alota headache, cause win2k has SNMP traffic enabled by Default when we get them...and now I can start to see all the new win2k machines in network neighbor hood. This is a problem due to security reasons and management and blah blah blah...and there's NO possible way I can go, or tell the techy there to go to disable SNMP traffic on all the new comps!!!I was thinking about goin to all the branch offices and config. the routers to block snmp traffic ( port 161 off the top of my head ), So is there any way i can block SNMP traffic on win2k professional from the routers..cause i still wanna see the pdc and bdc's.but this is not too important...I just REALLY need to stop those win2k machines from appearing on network neighborhood " access-list 100 deny snmp win2kpro" hahah thanks Deepak Sharma MSCE CCNA ACT A+ Ceridian Canada Ltd. -- \\|// (o o) oOOo-(_)-oOOo *@ bcz finest @* ___ UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html FAQ, list archives, and subscription info: http://www.groupstudy.com Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] **NOTE: New CCNA/CCDA List has been formed. For more information go to http://www.groupstudy.com/list/Associate-Announcement.html _ UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html FAQ, list archives, and subscription info: http://www.groupstudy.com Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Win2k SNMP Traffic
Windows 2K does not enable SNMP by default. Dell is doing that so that their server monitoring software will get messages from the servers warning you when a fan slows down, a power supply starts to regulate out of spec or a RAID controller reports a container member problem. Stopping and disabling SNMP in services will stop the snmp traffic but will cause all the Dell monitoring applications to report problems initializing. Also, this has nothing to do with network neighborhood browsing. Putting those systems in a different domain or workgroup will make them less obvious. A different domain without a trust relationship will give some security against access. Vern Stitt ASE, CCA, CCNA, MCSE "Deepak Sharma" [EMAIL PROTECTED] wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... Ok here's the scenario. Multiple branch offices,( LAN, WAN slowest 56k and fastest oc3) and cisco routers from 1900's to 3600's ) PDC, and a whole lota BDC's. NT 4.0 PDC and BDCs; still wanna see the those computers when I go into network neighbor hood. BT.Dell is now shipping all there new Pc's with win2k professional, and refuse to go back to win9x for me. (( ba*tards))this causes me to have alota headache, cause win2k has SNMP traffic enabled by Default when we get them...and now I can start to see all the new win2k machines in network neighbor hood. This is a problem due to security reasons and management and blah blah blah...and there's NO possible way I can go, or tell the techy there to go to disable SNMP traffic on all the new comps!!!I was thinking about goin to all the branch offices and config. the routers to block snmp traffic ( port 161 off the top of my head ), So is there any way i can block SNMP traffic on win2k professional from the routers..cause i still wanna see the pdc and bdc's.but this is not too important...I just REALLY need to stop those win2k machines from appearing on network neighborhood " access-list 100 deny snmp win2kpro" hahah thanks Deepak Sharma MSCE CCNA ACT A+ Ceridian Canada Ltd. -- \\|// (o o) oOOo-(_)-oOOo *@ bcz finest @* ___ UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html FAQ, list archives, and subscription info: http://www.groupstudy.com Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] **NOTE: New CCNA/CCDA List has been formed. For more information go to http://www.groupstudy.com/list/Associate-Announcement.html _ UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html FAQ, list archives, and subscription info: http://www.groupstudy.com Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Win2k SNMP Traffic
I see when I post something on this group, i hope to meet healthy criticism, saying i was wrong on thinking SNMP had to do with network neighborhood .thanks for all who did that ( Ejay Hire, John Nemeth, Trevor Corness...etc ) But John, I can see your some real asswipe thinking you can diss anyone on the group, just b/c you have more real-world experience so what if im paper certified so what if im only 19 years old(yes 19)... what the hell is your damn problem buddy I asked for help.I dident ask you to disrespect me jerk.. John Nemeth wrote: On Jan 27, 2:53pm, Deepak Sharma wrote: } } [gibberish snipped] } } So is there any way i can block SNMP traffic on win2k professional from } the routers..cause i still wanna see the pdc and bdc's.but this } is not too important...I just REALLY need to stop those win2k machines } from appearing on network neighborhood } } Deepak Sharma } MSCE CCNA ACT A+ } Ceridian Canada Ltd. Thanks for devaluing these certifications. Remind me never to hire you for anything, since it is extremely obvious that you are only paper certified. HINT: SNMP has absolutely nothing to do with network neighbourhood. If you had actually earned those certifications you would know that. }-- End of excerpt from Deepak Sharma -- \\|// (o o) oOOo-(_)-oOOo *@ bcz finest @* **NOTE: New CCNA/CCDA List has been formed. For more information go to http://www.groupstudy.com/list/Associates.html _ UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html FAQ, list archives, and subscription info: http://www.groupstudy.com Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Win2k SNMP Traffic
I don't understand a few things in your post. First, I have had W2K Pro and Server in the lab and our findings are that W2K Pro does NOT install SNMP by default but Server DOES. So the W2K Pro machines should be ok. (like I said, that's our findings from doing the installs ourselves, Dell is maybe doing their own idea of pre-config). This was further shown to us as W2K of all stripes is forbidden from the network until it is rolled out properly. People install W2K server not knowing that SNMP is installed by default with the "public" community string. Our SNMP management tools pick them up immediately and we catch them and shut them down and they wonder how we found them so fast. W2K Pro on the other hand is more difficult to find and we use non-SNMP methods to find them. Next, SNMP has nothing to do with Network Neighbourhood. On my last network of over 12,000 devices, PCs show up in the 'Hood and they DON'T have SNMP configured. Only the servers, printers and routers/switches have SNMP enabled. Network Neighbourhood has a lot to do with WINS and browsing. So, what is probably happening is that W2K Pro machines are assuming the Master Browser Role for their subnets as NT (W2K Pro) is higher on the browser ladder than Win9x. Also, W2K Pro needs to be registered in the Domain Computer database so automatically the browse tables know about more computers than with Win9x. So, I'm not sure how to "fix" your problem. Actually what you're seeing is normal for a NT Workstation (W2K Pro). The only thing I can think of quickly is to disable browser advertisements of the W2K Pro machines. Also a lot of work unless it can be incorporated into a security policy applied to all W2K Pro machines at login. Offhand, I don't know of a way to target specific computer types in an IOS ACL. Trapping SNMP would disable SNMP for all devices. Kevin Wigle CCDP/CCNP/MCSE. - Original Message - From: "Deepak Sharma" [EMAIL PROTECTED] To: "cisco" [EMAIL PROTECTED] Sent: Wednesday, 06 September, 2000 23:17 Subject: Win2k SNMP Traffic Ok here's the scenario. Multiple branch offices,( LAN, WAN slowest 56k and fastest oc3) and cisco routers from 1900's to 3600's ) PDC, and a whole lota BDC's. NT 4.0 PDC and BDCs; still wanna see the those computers when I go into network neighbor hood. BT.Dell is now shipping all there new Pc's with win2k professional, and refuse to go back to win9x for me. (( ba*tards))this causes me to have alota headache, cause win2k has SNMP traffic enabled by Default when we get them...and now I can start to see all the new win2k machines in network neighbor hood. This is a problem due to security reasons and management and blah blah blah...and there's NO possible way I can go, or tell the techy there to go to disable SNMP traffic on all the new comps!!!I was thinking about goin to all the branch offices and config. the routers to block snmp traffic ( port 161 off the top of my head ), So is there any way i can block SNMP traffic on win2k professional from the routers..cause i still wanna see the pdc and bdc's.but this is not too important...I just REALLY need to stop those win2k machines from appearing on network neighborhood " access-list 100 deny snmp win2kpro" hahah thanks Deepak Sharma MSCE CCNA ACT A+ Ceridian Canada Ltd. -- \\|// (o o) oOOo-(_)-oOOo *@ bcz finest @* ___ UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html FAQ, list archives, and subscription info: http://www.groupstudy.com Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] ___ UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html FAQ, list archives, and subscription info: http://www.groupstudy.com Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]