Quote:
Originally Posted by cnelson
I have several Ubuntu(10.04), and centos (4.x and 5.x) servers that I am setting up snmp monitoring on. But setting the iptables doesn't always seam to work, the only for sure way has been disabling the firewall.
The following IP tables commands is what I have been using
What will work?
|
First, for your firewall. Don't know if you're using UFW or not, but this page has tips that might help:
http://serverfault.com/questions/397...wall-on-ubuntu
Obviously, instead of "ufw allow http", you'd put "ufw allow snmp".
Quote:
Does anythign else need to be ran to save it so it comes up next reboot?
|
Well, DOES it come up after reboot?? Have you tried it, or are you assuming it won't? Can't address a problem if you don't know you have it. CentOS can be done with "chkconfig snmp on", which will start SNMP at boot time. Ubuntu, go to "System->Administration->Services", and check SNMP to start at boot.
Quote:
Also is there a way to lock down snmp? right now the conf file is 3 lines long . . . .
|
Sort of. Make sure you set good passwords for your public/private SNMP queries. Otherwise, ANYONE can just sniff that box, and get all the necessary info to make hacking it much easier. the private (set) string is most important. Missing password there?? That means that ANYONE could just decide to reboot the box, etc.....