From owner-freebsd-questions  Fri Oct  5 18:27:21 2001
Delivered-To: freebsd-questions@freebsd.org
Received: from smtp1.sentex.ca (smtp1.sentex.ca [199.212.134.4])
	by hub.freebsd.org (Postfix) with ESMTP id 4F8D137B406
	for <questions@freebsd.org>; Fri,  5 Oct 2001 18:27:17 -0700 (PDT)
Received: from chimp.simianscience.com (cage.simianscience.com [64.7.134.1])
	by smtp1.sentex.ca (8.11.6/8.11.6) with SMTP id f961RFb76128;
	Fri, 5 Oct 2001 21:27:15 -0400 (EDT)
	(envelope-from mike@sentex.net)
From: Mike Tancsa <mike@sentex.net>
To: ofsenfreebsd@yahoo.com (Omer Faruk Sen)
Cc: questions@freebsd.org
Subject: Re: ucb-snmp (net-snmp)
Date: Fri, 05 Oct 2001 21:27:15 -0400
Message-ID: <m3nsrtg1n7ckst7eo7fhopi8ctksps96of@4ax.com>
References: <SEN.1002283499.828440776@news.sentex.net>
In-Reply-To: <SEN.1002283499.828440776@news.sentex.net>
X-Mailer: Forte Agent 1.8/32.548
MIME-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Transfer-Encoding: quoted-printable
Sender: owner-freebsd-questions@FreeBSD.ORG
Precedence: bulk
List-ID: <freebsd-questions.FreeBSD.ORG>
List-Archive: <http://docs.freebsd.org/mail/> (Web Archive)
List-Help: <mailto:majordomo@FreeBSD.ORG?subject=help> (List Instructions)
List-Subscribe: <mailto:majordomo@FreeBSD.ORG?subject=subscribe%20freebsd-questions>
List-Unsubscribe: <mailto:majordomo@FreeBSD.ORG?subject=unsubscribe%20freebsd-questions>
X-Loop: FreeBSD.ORG

On Fri, 5 Oct 2001 12:04:59 +0000 (UTC), in =
sentex.lists.freebsd.questions
you wrote:

>Hi;
>
>I am so new to snmp. I have downloaded and installed
>net-snmp (formerly ucb-snmp) for learning my computers
>bandwidth usage. I want to change my community name
>for security reasons (not public) but I can not find
>in which conf file does that option resides ?
>
>Any idea?
Hi,

copy the EXAMPLE.conf to /usr/local/share/snmp/snmpd.conf

and in it, edit the community names as well as IP address that can =
monitor.
e.g.

--- /usr/ports/net/net-snmp/work/ucd-snmp-4.2.1/EXAMPLE.conf    Tue Sep  =
4
10:00:28 2001
+++ /usr/local/share/snmp/snmpd.conf    Tue Sep  4 10:10:31 2001
@@ -58,8 +58,9 @@
 # from):
=20
 #       sec.name  source          community
-com2sec local     localhost       COMMUNITY
-com2sec mynetwork NETWORK/24      COMMUNITY
+com2sec local     localhost       zxzDDew023
+com2sec mynetwork 192.168.1.1   dsfd923321
+com2sec mynetwork 10.1.1.0/24   23dd9w224
=20

This allows only localhost,192.168.1.1 and 10.1.1.0-254 to access the mib
tree.


Also, the current version of snmp lets you run as a non root user after
startup. The only trick is that you must give it the uid and gid of the
user you want to run it as. For example, if the username and group
snmp:snmp was 800 and 1002, modify /usr/local/etc/rc.d/snmpd.sh to look
like

 [ -x ${PREFIX}/sbin/snmpd ] && ${PREFIX}/sbin/snmpd -u 800 -g 1002 && =
echo
-n ' snmpd'

This is better than running as root.

	---Mike
Mike Tancsa  (mdtancsa@sentex.net)	=09
Sentex Communications Corp,   	=09
Waterloo, Ontario, Canada
"Given enough time, 100 monkeys on 100 routers=20
could setup a national IP network." (KDW2)

To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-questions" in the body of the message