[mrtg] Re: SNMP Security on NT.

Matt Walkowiak mwalkowi at intxx.com
Tue Jun 5 17:29:19 MEST 2001 

Woah... ok, dont worry.  SNMP is now NOT a standard on my bastion hosts.
Such resounding support for NT and the security it has :)  Guess Ill just
have to track the Cpu, Disk use and such by hand.  oh well.

I suppose I COULD install mrtg on the NT box, and have it check itself, then
just not allow port 161 (???) on any interface with NT's own IP security.

Anyway, thanks for all the responces!

Matt

-----Original Message-----
From: Andre Coetzee [mailto:andrec at emailco.co.za]
Sent: Tuesday, June 05, 2001 10:19 AM
To: 'Matt Walkowiak'
Subject: RE: [mrtg] SNMP Security on NT.


Hi Matt,

1. Dont do it !!

Reasons - Everything (system resources, connected computers on lan,
applications installed, etc ...) can be seen via snmp !!!
Huge security risk ... because one can tell what services are running,
processor load, etc ...

Regards
Andre

-----Original Message-----
From: Matt Walkowiak [mailto:mwalkowi at intxx.com]
Sent: 05 June 2001 04:57
To: 'mrtg at list.ee.ethz.ch'
Subject: [mrtg] SNMP Security on NT.



What does everyone feel about enabling SNMP on a Windows NT bastion host.  I
am building a few Web Servers that will be outside the firewall, wide open
on the internet.  Since I don't know a lot about SNMP and hacking, how
secure is NT 4's SNMP implementation?  is it "safe" to have a server outside
the firewall with SNMP loaded, even if it has a non-standard community
string for RO, no RW.

Thoughts?

I should mention, I would appreciate it if the responses I get do NOT blast
NT as super-unsecured.  We all already know this.  However, all else being
equal, is it a big deal to enable SNMP on an unsecured server?

Thanks!

Matt

--
Unsubscribe mailto:mrtg-request at list.ee.ethz.ch?subject=unsubscribe
Archive     http://www.ee.ethz.ch/~slist/mrtg
FAQ         http://faq.mrtg.org    Homepage     http://www.mrtg.org
WebAdmin    http://www.ee.ethz.ch/~slist/lsg2.cgi


--
Unsubscribe mailto:mrtg-request at list.ee.ethz.ch?subject=unsubscribe
Archive     http://www.ee.ethz.ch/~slist/mrtg
FAQ         http://faq.mrtg.org    Homepage     http://www.mrtg.org
WebAdmin    http://www.ee.ethz.ch/~slist/lsg2.cgi

More information about the mrtg mailing list