cvs commit: src/etc snmpd.config
Harti Brandt
hartmut.brandt at dlr.de
Tue Oct 31 11:28:36 UTC 2006
On Tue, 31 Oct 2006, Bjoern A. Zeeb wrote:
BAZ>On Tue, 31 Oct 2006, Hartmut Brandt wrote:
BAZ>
BAZ>> harti 2006-10-31 10:23:28 UTC
BAZ>>
BAZ>> FreeBSD src repository
BAZ>>
BAZ>> Modified files:
BAZ>> etc snmpd.config
BAZ>> Log:
BAZ>> Bind to INADDR_ANY in the default configuration. This makes bsnmpd(1)
BAZ>> automatically work on multi-homed hosts and without explicite
BAZ>> specification
BAZ>> of the hostname in the config file.
BAZ>>
BAZ>> Submitted by: jmg
BAZ>>
BAZ>> Revision Changes Path
BAZ>> 1.7 +1 -3 src/etc/snmpd.config
BAZ>
BAZ>haeh - I think what we (jmg, glebius and me) had agreed on on IRC was
BAZ>default bind should be on 'localhost' with a commented out sample
BAZ>for 0/0. And the bogus$(host) should be dropped.
Well, if you've agreed, then you should probably commit it. Locks ok for
me too.
BAZ>Binding to 0/0 by default just exposes bsnmpd to the world with a
BAZ>default secret if blindly enabled which is not a too good idea(tm).
Well, at least there is no write community set, so the amount of damage is
limited. Also, normally SNMPv[12] should be firewalled. Of course, this
does not help if you run SNMP on your firewall.
In any case, go ahead and commit.
harti
More information about the cvs-src
mailing list