diff options
author | harti <harti@FreeBSD.org> | 2006-01-10 12:08:25 +0000 |
---|---|---|
committer | harti <harti@FreeBSD.org> | 2006-01-10 12:08:25 +0000 |
commit | 0b56383eacebbc88f6b793c62e0764849dfbff2f (patch) | |
tree | 1cd031577ab99779f242224297c837c5b182d7e0 /etc/snmpd.config | |
parent | 3b616a90c34f81fa207b85536a64695170563d0d (diff) | |
download | FreeBSD-src-0b56383eacebbc88f6b793c62e0764849dfbff2f.zip FreeBSD-src-0b56383eacebbc88f6b793c62e0764849dfbff2f.tar.gz |
Disable default write access by not setting the write community string.
PR: 91404, 91406
Diffstat (limited to 'etc/snmpd.config')
-rw-r--r-- | etc/snmpd.config | 15 |
1 files changed, 14 insertions, 1 deletions
diff --git a/etc/snmpd.config b/etc/snmpd.config index bc8b02c..a8c8e0d 100644 --- a/etc/snmpd.config +++ b/etc/snmpd.config @@ -15,6 +15,7 @@ trapport := 162 # Change this! read := "public" +# Uncomment line 42 that sets the community string to enable write access. write := "geheim" trap := "mytrap" @@ -25,8 +26,20 @@ trap := "mytrap" begemotSnmpdDebugDumpPdus = 2 begemotSnmpdDebugSyslogPri = 7 +# +# Set the read and write communities. +# +# The default value of the community strings is NULL (note, that this is +# different from the empty string). This disables both read and write access. +# To enable read access only the read community string must be set. Setting +# the write community string enables both read and write access with that +# string. +# +# Be sure to understand the security implications of SNMPv2 - the community +# strings are readable on the wire! +# begemotSnmpdCommunityString.0.1 = $(read) -begemotSnmpdCommunityString.0.2 = $(write) +# begemotSnmpdCommunityString.0.2 = $(write) begemotSnmpdCommunityDisable = 1 # open standard SNMP ports |