mailing list archives
AIX SNMP Defaults (fwd)
From: dhg () KSRT ORG (Dave G.)
Date: Thu, 17 Feb 2000 11:33:54 -0500
It appears that on the above releases of AIX, the SNMP daemon is enabled
by default and two community names are enabled with read/write
The community names are "private" and "system", but are only allowed
from localhost connections. Nevertheless, a local user may install an
SNMP client, and modify sensitive variables.
Since SNMP is UDP based, it is possible that you can spoof snmp set
requests provided that:
1) There are no firewalls in between.
2) snmpd doesnt have any code to detect which interface an SNMP packet
came in on (not likely).
From your output, it looks like the system community might be limited to a
certain set of variables that it can read/write. (depending on what view
<daveg () ksrt org>