Skip site navigation (1)Skip section navigation (2) 
Date:      Fri, 05 Oct 2001 21:27:15 -0400
From:      Mike Tancsa <mike@sentex.net>
To:        ofsenfreebsd@yahoo.com (Omer Faruk Sen)
Cc:        questions@freebsd.org
Subject:   Re: ucb-snmp (net-snmp)
Message-ID:  <m3nsrtg1n7ckst7eo7fhopi8ctksps96of@4ax.com>
In-Reply-To: <SEN.1002283499.828440776@news.sentex.net>
References:  <SEN.1002283499.828440776@news.sentex.net>
next in thread | previous in thread | raw e-mail | index | archive | help 

On Fri, 5 Oct 2001 12:04:59 +0000 (UTC), in sentex.lists.freebsd.questions
you wrote:

>Hi;
>
>I am so new to snmp. I have downloaded and installed
>net-snmp (formerly ucb-snmp) for learning my computers
>bandwidth usage. I want to change my community name
>for security reasons (not public) but I can not find
>in which conf file does that option resides ?
>
>Any idea?
Hi,

copy the EXAMPLE.conf to /usr/local/share/snmp/snmpd.conf

and in it, edit the community names as well as IP address that can monitor.
e.g.

--- /usr/ports/net/net-snmp/work/ucd-snmp-4.2.1/EXAMPLE.conf    Tue Sep  4
10:00:28 2001
+++ /usr/local/share/snmp/snmpd.conf    Tue Sep  4 10:10:31 2001
@@ -58,8 +58,9 @@
 # from):
 
 #       sec.name  source          community
-com2sec local     localhost       COMMUNITY
-com2sec mynetwork NETWORK/24      COMMUNITY
+com2sec local     localhost       zxzDDew023
+com2sec mynetwork 192.168.1.1   dsfd923321
+com2sec mynetwork 10.1.1.0/24   23dd9w224
 

This allows only localhost,192.168.1.1 and 10.1.1.0-254 to access the mib
tree.


Also, the current version of snmp lets you run as a non root user after
startup. The only trick is that you must give it the uid and gid of the
user you want to run it as. For example, if the username and group
snmp:snmp was 800 and 1002, modify /usr/local/etc/rc.d/snmpd.sh to look
like

 [ -x ${PREFIX}/sbin/snmpd ] && ${PREFIX}/sbin/snmpd -u 800 -g 1002 && echo
-n ' snmpd'

This is better than running as root.

	---Mike
Mike Tancsa  (mdtancsa@sentex.net)		
Sentex Communications Corp,   		
Waterloo, Ontario, Canada
"Given enough time, 100 monkeys on 100 routers 
could setup a national IP network." (KDW2)

To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-questions" in the body of the message

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?m3nsrtg1n7ckst7eo7fhopi8ctksps96of>