Disable snmpd for good | Unix Linux Forums | AIX

  Go Back    


AIX AIX is IBM's industry-leading UNIX operating system that meets the demands of applications that businesses rely upon in today's marketplace.

Disable snmpd for good

AIX


Tags
aix, unix

Closed Thread    
 
Thread Tools Search this Thread Display Modes
    #1  
Old 03-22-2013
Janpol Janpol is offline
Registered User
 
Join Date: Mar 2013
Last Activity: 25 September 2013, 10:54 AM EDT
Posts: 9
Thanks: 3
Thanked 2 Times in 2 Posts
Disable snmpd for good

Hi everyone, I am struggling with something that I thought it would be really easy. I want to disable snmpd, but every time y reboot my server, it starts again. I've commented it out on the rc.tcpip file, but still it starts automatically.


Code:
# Start up the Simple Network Management Protocol (SNMP) daemon
#start /usr/sbin/snmpd "$src_running"

I've also commented it out the following:


Code:
# Start up the hostmibd daemon
#start /usr/sbin/hostmibd "$src_running"

# Start up the snmpmibd daemon
#start /usr/sbin/snmpmibd "$src_running"

# Start up the aixmibd daemon
#start /usr/sbin/aixmibd "$src_running"

In fact, the only thing that isn't commented out is this:


Code:
# Start up socket-based daemons
start /usr/sbin/inetd "$src_running"

This is my inetd.conf file:


Code:
## service  socket  protocol  wait/  user    server    server program
##  name     type             nowait         program     arguments
##
#ftp     stream  tcp6    nowait  root    /usr/sbin/ftpd         ftpd
#telnet  stream  tcp6    nowait  root    /usr/sbin/telnetd      telnetd -a
#shell   stream  tcp6    nowait  root    /usr/sbin/rshd         rshd
#kshell  stream  tcp     nowait  root    /usr/sbin/krshd        krshd
#login   stream  tcp6    nowait  root    /usr/sbin/rlogind      rlogind
#klogin  stream  tcp     nowait  root    /usr/sbin/krlogind     krlogind
#exec    stream  tcp6    nowait  root    /usr/sbin/rexecd       rexecd
#comsat dgram   udp     wait    root    /usr/sbin/comsat       comsat
#uucp   stream  tcp     nowait  root    /usr/sbin/uucpd        uucpd
#bootps	dgram   udp     wait    root    /usr/sbin/bootpd       bootpd /etc/bootptab
##
## Finger, systat and netstat give out user information which may be
## valuable to potential "system crackers."  Many sites choose to disable
## some or all of these services to improve security.
##
#finger stream  tcp     nowait  nobody  /usr/sbin/fingerd     fingerd
#systat	stream	tcp	nowait	nobody	/usr/bin/ps           ps -ef
#netstat stream	tcp	nowait	nobody	/usr/bin/netstat      netstat -f inet
#
#tftp	 dgram	udp6	SRC	nobody	/usr/sbin/tftpd		tftpd -n
#talk   dgram   udp     wait    root    /usr/sbin/talkd         talkd
#ntalk   dgram   udp     wait    root    /usr/sbin/talkd         talkd
# 
# rexd uses very minimal authentication and many sites choose to disable
# this service to improve security.
#
#rquotad  sunrpc_udp     udp     wait    root    /usr/sbin/rpc.rquotad rquotad 100011 1
#rexd	 sunrpc_tcp	tcp	wait	root	/usr/sbin/rpc.rexd rexd 100017 1
#rstatd	 sunrpc_udp	udp	wait	root	/usr/sbin/rpc.rstatd rstatd 100001 1-3
#rusersd sunrpc_udp	udp	wait	root	/usr/lib/netsvc/rusers/rpc.rusersd rusersd 100002 1-2
#rwalld	 sunrpc_udp	udp	wait	root	/usr/lib/netsvc/rwall/rpc.rwalld rwalld 100008 1
#sprayd	 sunrpc_udp	udp	wait	root	/usr/lib/netsvc/spray/rpc.sprayd sprayd 100012 1
#pcnfsd	 sunrpc_udp	udp	wait 	root	/usr/sbin/rpc.pcnfsd pcnfsd 150001 1-2
#echo	stream	tcp	nowait	root	internal
#discard	stream	tcp	nowait	root	internal
#chargen	stream	tcp	nowait	root	internal
#daytime	stream	tcp	nowait	root	internal
#time	stream	tcp	nowait	root	internal
#echo	dgram	udp	wait	root	internal
#discard	dgram	udp	wait	root	internal
#chargen	dgram	udp	wait	root	internal
#daytime	dgram	udp	wait	root	internal
#time	dgram	udp	wait	root	internal
#dtspc stream	tcp	nowait	root
#ttdbserver	sunrpc_tcp	tcp	wait
#cmsd	sunrpc_udp	udp	wait	root
## The following line is for installing over the network.
#instsrv stream	tcp	nowait	netinst	/u/netinst/bin/instsrv instsrv -r /tmp/netinstalllog /u/netinst/scripts
#imap2	stream	tcp	nowait	root	/usr/sbin/imapd imapd
#pop3	stream	tcp	nowait	root	/usr/sbin/pop3d pop3d
caa_cfg	stream	tcp6	nowait	root	/usr/sbin/clusterconf clusterconf >>/var/adm/ras/clusterconf.log 2>&1
xmquery	dgram	udp	wait	root	/usr/bin/xmtopas xmtopas -p3

And the output of grep snmp /etc/* 2>/dev/null :


Code:
/etc/aixmibd.conf:# @(#)59        1.10  src/tcpip/etc/aixmibd.conf, smsnmp, tcpip610 6/20/03 11:02:48
/etc/aixmibd.conf:# extension, /usr/samples/snmpd/aixmib.my.
/etc/atm.defs:-- @(#)17  1.2  src/tcpip/etc/atm.defs, snmpatm, tcpip610 8/14/97 11:32:19
/etc/clsnmp.conf:# tcpip610 src/tcpip/etc/clsnmp.conf 1.1 
/etc/clsnmp.conf:# @(#)29        1.1  src/tcpip/etc/clsnmp.conf, snmp, tcpip610 2/4/02 21:51:04
/etc/clsnmp.conf:# As the clsnmp command supports both issuance of SNMP requests and receipt
/etc/clsnmp.conf:# of SNMP traps, the entries in the clsnmp.conf file must be defined for both
/etc/gated.conf:#		timer, parse, route, kernel, bgp, egp, rip, hello, icmp, snmp,
/etc/gated.conf:#          snmp yes|no|on|off [ {
/etc/mib.defs:-- @(#)92      1.24  src/tcpip/etc/mib.defs, snmp, tcpip61H, 0913A_61H 3/19/09 12:55:17
/etc/mib.defs:risc6000snmpd        risc6000agents.1
/etc/mib.defs:risc6000snmpmibd     risc6000agents.6
/etc/mib.defs:snmp                 mib-2.11
/etc/mib.defs:snmpInPkts           snmp.1           Counter         read-only       mandatory
/etc/mib.defs:snmpOutPkts          snmp.2           Counter         read-only       mandatory
/etc/mib.defs:snmpInBadVersions    snmp.3           Counter         read-only       mandatory
/etc/mib.defs:snmpInBadCommunityNames snmp.4           Counter         read-only       mandatory
/etc/mib.defs:snmpInBadCommunityUses snmp.5           Counter         read-only       mandatory
/etc/mib.defs:snmpInASNParseErrs   snmp.6           Counter         read-only       mandatory
/etc/mib.defs:snmpInTooBigs        snmp.8           Counter         read-only       mandatory
/etc/mib.defs:snmpInNoSuchNames    snmp.9           Counter         read-only       mandatory
/etc/mib.defs:snmpInBadValues      snmp.10          Counter         read-only       mandatory
/etc/mib.defs:snmpInReadOnlys      snmp.11          Counter         read-only       mandatory
/etc/mib.defs:snmpInGenErrs        snmp.12          Counter         read-only       mandatory
/etc/mib.defs:snmpInTotalReqVars   snmp.13          Counter         read-only       mandatory
/etc/mib.defs:snmpInTotalSetVars   snmp.14          Counter         read-only       mandatory
/etc/mib.defs:snmpInGetRequests    snmp.15          Counter         read-only       mandatory
/etc/mib.defs:snmpInGetNexts       snmp.16          Counter         read-only       mandatory
/etc/mib.defs:snmpInSetRequests    snmp.17          Counter         read-only       mandatory
/etc/mib.defs:snmpInGetResponses   snmp.18          Counter         read-only       mandatory
/etc/mib.defs:snmpInTraps          snmp.19          Counter         read-only       mandatory
/etc/mib.defs:snmpOutTooBigs       snmp.20          Counter         read-only       mandatory
/etc/mib.defs:snmpOutNoSuchNames   snmp.21          Counter         read-only       mandatory
/etc/mib.defs:snmpOutBadValues     snmp.22          Counter         read-only       mandatory
/etc/mib.defs:snmpOutGenErrs       snmp.24          Counter         read-only       mandatory
/etc/mib.defs:snmpOutGetRequests   snmp.25          Counter         read-only       mandatory
/etc/mib.defs:snmpOutGetNexts      snmp.26          Counter         read-only       mandatory
/etc/mib.defs:snmpOutSetRequests   snmp.27          Counter         read-only       mandatory
/etc/mib.defs:snmpOutGetResponses  snmp.28          Counter         read-only       mandatory
/etc/mib.defs:snmpOutTraps         snmp.29          Counter         read-only       mandatory
/etc/mib.defs:snmpEnableAuthenTraps snmp.30          INTEGER         read-write      mandatory
/etc/mib.defs:snmpSilentDrops	     snmp.31	      Counter32	      read-only	      current		
/etc/mib.defs:snmpProxyDrops	     snmp.32	      Counter32	      read-only       current	
/etc/mib.defs:snmpDomain           viewDomains.1
/etc/mib.defs:rfc1157Domain        snmpDomain.1
/etc/mib.defs:cltsDomain           snmpDomain.3
/etc/mib.defs:cotsNDomain          snmpDomain.4
/etc/mib.defs:cotsXDomain          snmpDomain.5
/etc/mib.defs:snmpV2               internet.6
/etc/mib.defs:snmpDomains          snmpV2.1
/etc/mib.defs:snmpProxys           snmpV2.2
/etc/mib.defs:snmpModules          snmpV2.3
/etc/mib.defs:snmpFrameworkMIB     snmpModules.10
/etc/mib.defs:snmpFrameworkAdmin   snmpFrameworkMIB.1
/etc/mib.defs:snmpAuthProtocols    snmpFrameworkAdmin.1
/etc/mib.defs:snmpPrivProtocols    snmpFrameworkAdmin.2
/etc/mib.defs:snmpFrameworkMIBObjects snmpFrameworkMIB.2
/etc/mib.defs:snmpEngine           snmpFrameworkMIBObjects.1
/etc/mib.defs:snmpEngineID         snmpEngine.1    OctetString read-only       current
/etc/mib.defs:snmpEngineBoots      snmpEngine.2    INTEGER  read-only       current
/etc/mib.defs:snmpEngineTime       snmpEngine.3    INTEGER  read-only       current
/etc/mib.defs:snmpEngineMaxMessageSize snmpEngine.4    INTEGER read-only       current
/etc/mib.defs:snmpFrameworkMIBConformance snmpFrameworkMIB.3
/etc/mib.defs:snmpFrameworkMIBCompliances snmpFrameworkMIBConformance.1
/etc/mib.defs:snmpFrameworkMIBCompliance snmpFrameworkMIBCompliances.1
/etc/mib.defs:snmpFrameworkMIBGroups snmpFrameworkMIBConformance.2
/etc/mib.defs:snmpEngineGroup      snmpFrameworkMIBGroups.1
/etc/mib.defs:snmpMPDMIB           snmpModules.11
/etc/mib.defs:snmpMPDAdmin         snmpMPDMIB.1
/etc/mib.defs:snmpMPDMIBObjects    snmpMPDMIB.2
/etc/mib.defs:snmpMPDStats         snmpMPDMIBObjects.1
/etc/mib.defs:snmpUnknownSecurityModels snmpMPDStats.1  Counter32       read-only       current
/etc/mib.defs:snmpInvalidMsgs      snmpMPDStats.2  Counter32       read-only       current
/etc/mib.defs:snmpUnknownPDUHandlers snmpMPDStats.3  Counter32       read-only       current
/etc/mib.defs:snmpMPDMIBConformance snmpMPDMIB.3
/etc/mib.defs:snmpMPDMIBCompliances snmpMPDMIBConformance.1
/etc/mib.defs:snmpMPDCompliance    snmpMPDMIBCompliances.1
/etc/mib.defs:snmpMPDMIBGroups     snmpMPDMIBConformance.2
/etc/mib.defs:snmpMPDGroup         snmpMPDMIBGroups.1
/etc/mib.defs:snmpTargetMIB        snmpModules.12 
/etc/mib.defs:snmpTargetObjects    snmpTargetMIB.1 
/etc/mib.defs:snmpTargetSpinLock   snmpTargetObjects.1 TestAndIncr     read-write      current
/etc/mib.defs:snmpTargetAddrTable  snmpTargetObjects.2 Table           not-accessible  current
/etc/mib.defs:snmpTargetAddrEntry  snmpTargetAddrTable.1 Row             not-accessible  current
/etc/mib.defs:snmpTargetAddrName   snmpTargetAddrEntry.1 SnmpAdminString not-accessible  current
/etc/mib.defs:snmpTargetAddrTDomain snmpTargetAddrEntry.2 TDomain         read-create     current
/etc/mib.defs:snmpTargetAddrTAddress snmpTargetAddrEntry.3 TAddress        read-create     current
/etc/mib.defs:snmpTargetAddrTimeout snmpTargetAddrEntry.4 TimeInterval    read-create     current
/etc/mib.defs:snmpTargetAddrRetryCount snmpTargetAddrEntry.5 Integer32  read-create     current
/etc/mib.defs:snmpTargetAddrTagList snmpTargetAddrEntry.6 SnmpTagList     read-create     current
/etc/mib.defs:snmpTargetAddrParams snmpTargetAddrEntry.7 SnmpAdminString  read-create     current
/etc/mib.defs:snmpTargetAddrStorageType snmpTargetAddrEntry.8 StorageType     read-create     current
/etc/mib.defs:snmpTargetAddrRowStatus snmpTargetAddrEntry.9 RowStatus       read-create     current
/etc/mib.defs:snmpTargetParamsTable snmpTargetObjects.3 Table           not-accessible  current
/etc/mib.defs:snmpTargetParamsEntry snmpTargetParamsTable.1 Row             not-accessible  current
/etc/mib.defs:snmpTargetParamsName snmpTargetParamsEntry.1 SnmpAdminString  not-accessible  current
/etc/mib.defs:snmpTargetParamsMPModel snmpTargetParamsEntry.2 SnmpMessageProcessingModel read-create     current
/etc/mib.defs:snmpTargetParamsSecurityModel snmpTargetParamsEntry.3 SnmpSecurityModel read-create     current
/etc/mib.defs:snmpTargetParamsSecurityName snmpTargetParamsEntry.4 SnmpAdminString read-create     current
/etc/mib.defs:snmpTargetParamsSecurityLevel snmpTargetParamsEntry.5 SnmpSecurityLevel read-create     current
/etc/mib.defs:snmpTargetParamsStorageType snmpTargetParamsEntry.6 StorageType     read-create     current
/etc/mib.defs:snmpTargetParamsRowStatus snmpTargetParamsEntry.7 RowStatus       read-create     current
/etc/mib.defs:snmpUnavailableContexts snmpTargetObjects.4 Counter32       read-only       current
/etc/mib.defs:snmpUnknownContexts  snmpTargetObjects.5 Counter32       read-only       current
/etc/mib.defs:snmpTargetConformance snmpTargetMIB.3 
/etc/mib.defs:snmpTargetCompliances snmpTargetConformance.1
/etc/mib.defs:snmpTargetCommandResponderCompliance snmpTargetCompliances.1 
/etc/mib.defs:snmpTargetGroups     snmpTargetConformance.2 
/etc/mib.defs:snmpTargetBasicGroup snmpTargetGroups.1 
/etc/mib.defs:snmpTargetResponseGroup snmpTargetGroups.2
/etc/mib.defs:snmpTargetCommandResponderGroup snmpTargetGroups.3
/etc/mib.defs:snmpNotificationMIB  snmpModules.13  
/etc/mib.defs:snmpNotifyObjects    snmpNotificationMIB.1
/etc/mib.defs:snmpNotifyTable      snmpNotifyObjects.1 Table           not-accessible  current
/etc/mib.defs:snmpNotifyEntry      snmpNotifyTable.1 Row             not-accessible  current
/etc/mib.defs:snmpNotifyName       snmpNotifyEntry.1 SnmpAdminString  not-accessible  current
/etc/mib.defs:snmpNotifyTag        snmpNotifyEntry.2 SnmpTagValue    read-create     current
/etc/mib.defs:snmpNotifyType       snmpNotifyEntry.3 INTEGER		read-create     current
/etc/mib.defs:snmpNotifyStorageType snmpNotifyEntry.4 StorageType     read-create     current
/etc/mib.defs:snmpNotifyRowStatus  snmpNotifyEntry.5 RowStatus       read-create     current
/etc/mib.defs:snmpNotifyFilterProfileTable snmpNotifyObjects.2 Table           not-accessible  current
/etc/mib.defs:snmpNotifyFilterProfileEntry snmpNotifyFilterProfileTable.1 Row             not-accessible  current
/etc/mib.defs:snmpNotifyFilterProfileName snmpNotifyFilterProfileEntry.1 SnmpAdminString  read-create   current
/etc/mib.defs:snmpNotifyFilterProfileStorType snmpNotifyFilterProfileEntry.2 StorageType     read-create     current
/etc/mib.defs:snmpNotifyFilterProfileRowStatus snmpNotifyFilterProfileEntry.3 RowStatus       read-create     current
/etc/mib.defs:snmpNotifyFilterTable snmpNotifyObjects.3 Table           not-accessible  current
/etc/mib.defs:snmpNotifyFilterEntry snmpNotifyFilterTable.1 Row             not-accessible  current
/etc/mib.defs:snmpNotifyFilterSubtree snmpNotifyFilterEntry.1 ObjectID        not-accessible  current
/etc/mib.defs:snmpNotifyFilterMask snmpNotifyFilterEntry.2 OctetString  read-create     current
/etc/mib.defs:snmpNotifyFilterType snmpNotifyFilterEntry.3 INTEGER	read-create     current
/etc/mib.defs:snmpNotifyFilterStorageType snmpNotifyFilterEntry.4 StorageType     read-create     current
/etc/mib.defs:snmpNotifyFilterRowStatus snmpNotifyFilterEntry.5 RowStatus       read-create     current
/etc/mib.defs:snmpNotifyConformance snmpNotificationMIB.3 
/etc/mib.defs:snmpNotifyCompliances snmpNotifyConformance.1
/etc/mib.defs:snmpNotifyBasicCompliance snmpNotifyCompliances.1
/etc/mib.defs:snmpNotifyBasicFiltersCompliance snmpNotifyCompliances.2
/etc/mib.defs:snmpNotifyFullCompliance snmpNotifyCompliances.3 
/etc/mib.defs:snmpNotifyGroups     snmpNotifyConformance.2 
/etc/mib.defs:snmpNotifyGroup      snmpNotifyGroups.1 
/etc/mib.defs:snmpNotifyFilterGroup snmpNotifyGroups.2
/etc/mib.defs:snmpProxyMIB         snmpModules.14  
/etc/mib.defs:snmpProxyObjects     snmpProxyMIB.1  
/etc/mib.defs:snmpProxyTable       snmpProxyObjects.2 Table           not-accessible  current
/etc/mib.defs:snmpProxyEntry       snmpProxyTable.1 Row             not-accessible  current
/etc/mib.defs:snmpProxyName        snmpProxyEntry.1 SnmpAdminString  not-accessible  current
/etc/mib.defs:snmpProxyType        snmpProxyEntry.2 INTEGER	read-create     current
/etc/mib.defs:snmpProxyContextEngineID snmpProxyEntry.3 SnmpEngineID    read-create     current
/etc/mib.defs:snmpProxyContextName snmpProxyEntry.4 SnmpAdminString read-create     current
/etc/mib.defs:snmpProxyTargetParamsIn snmpProxyEntry.5 SnmpAdminString read-create     current
/etc/mib.defs:snmpProxySingleTargetOut snmpProxyEntry.6 SnmpAdminString read-create     current
/etc/mib.defs:snmpProxyMultipleTargetOut snmpProxyEntry.7 SnmpTagValue    read-create     current
/etc/mib.defs:snmpProxyStorageType snmpProxyEntry.8 StorageType     read-create     current
/etc/mib.defs:snmpProxyRowStatus   snmpProxyEntry.9 RowStatus       read-create     current
/etc/mib.defs:snmpProxyConformance snmpProxyMIB.3  
/etc/mib.defs:snmpProxyCompliances snmpProxyConformance.1
/etc/mib.defs:snmpProxyCompliance  snmpProxyCompliances.1
/etc/mib.defs:snmpProxyGroups      snmpProxyConformance.2 
/etc/mib.defs:snmpProxyGroup       snmpProxyGroups.3 
/etc/mib.defs:usmNoAuthProtocol    snmpAuthProtocols.1 
/etc/mib.defs:usmHMACMD5AuthProtocol snmpAuthProtocols.2
/etc/mib.defs:usmHMACSHAAuthProtocol snmpAuthProtocols.3 
/etc/mib.defs:usmNoPrivProtocol    snmpPrivProtocols.1 
/etc/mib.defs:usmDESPrivProtocol   snmpPrivProtocols.2 
/etc/mib.defs:snmpUsmMIB           snmpModules.15  
/etc/mib.defs:usmMIBObjects        snmpUsmMIB.1   
/etc/mib.defs:usmMIBConformance    snmpUsmMIB.2  
/etc/mib.defs:snmpVacmMIB          snmpModules.16 
/etc/mib.defs:vacmMIBObjects       snmpVacmMIB.1   
/etc/mib.defs:vacmMIBConformance   snmpVacmMIB.2   
/etc/mrouted.conf:# NOTE: ONLY uncomment the following if you are running mrouted.snmp!
/etc/rc.tcpip:#start /usr/sbin/snmpd "$src_running"
/etc/rc.tcpip:# Start up the snmpmibd daemon
/etc/rc.tcpip:#start /usr/sbin/snmpmibd "$src_running"
/etc/services:snmp			161/tcp		# SNMP
/etc/services:snmp			161/udp		# SNMP
/etc/services:snmptrap		162/tcp		# SNMPTRAP
/etc/services:snmptrap		162/udp		# SNMPTRAP
/etc/services:snmp-tcp-port	 1993/tcp		# cisco SNMP TCP port
/etc/services:snmp-tcp-port	 1993/udp		# cisco SNMP TCP port
/etc/services:oce-snmp-trap	 2697/tcp		# Oce SNMP Trap Port 
/etc/services:oce-snmp-trap	 2697/udp		# Oce SNMP Trap Port 
/etc/services:websphere-snmp	3427/tcp		# WebSphere SNMP
/etc/services:websphere-snmp	3427/udp		# WebSphere SNMP
/etc/services:patrol-snmp	 8161/tcp		# Patrol SNMP
/etc/services:patrol-snmp	 8161/udp		# Patrol SNMP
/etc/snmpd.conf:# tcpip610 src/tcpip/etc/snmpd.conf 1.14 
/etc/snmpd.conf:# @(#)93        1.14  src/tcpip/etc/snmpd.conf, snmp, tcpip610 6/5/04 14:53:19
/etc/snmpd.conf:# FILE:	/etc/snmpd.conf
/etc/snmpd.conf:# snmpd configuration information
/etc/snmpd.conf:#    requests of this snmpd agent.  Define these restrictions as follows:
/etc/snmpd.conf:#    name is not implemented for traps.  The snmpd agent only checks 
/etc/snmpd.conf:# 5. Set your snmpd specific configuration parameters as follows:
/etc/snmpd.conf:#	snmpd  <variable>=<value>
/etc/snmpd.conf:#    bytes, that the snmpd agent will transmit.  The minimum value to 
/etc/snmpd.conf:#    which maxpacket can be set is 300 bytes.  If there is no snmpd entry 
/etc/snmpd.conf:#    at which the snmpd agent will query the interfaces to check for 
/etc/snmpd.conf:#    can be set is 30 seconds.  If 0 (zero) is specified, snmpd will not 
/etc/snmpd.conf:#    query the interfaces for status changes.  If no snmpd entry for 
/etc/snmpd.conf:#    seconds, at which snmpd will timeout on a request to a smux peer.
/etc/snmpd.conf:#    If 0 (zero) is specified, snmpd will not timeout on smux requests.
/etc/snmpd.conf:#    If no snmpd entry for smuxtimeout is specified, the default value
/etc/snmpd.conf:#    (i.e., the machine on which snmpd is running) will be used for all SMUX 
/etc/snmpd.conf:#    the order in which the fields are entered in the snmpd  entry.  An 
/etc/snmpd.conf:#    snmpd entry can contain single or multiple fields. 
/etc/snmpd.conf:#    password that snmpd requires from the SMUX peer client to authenticate
/etc/snmpd.conf:#    If the values are not set in these files, the snmpd daemon will return a
/etc/snmpd.conf:logging		file=/usr/tmp/snmpd.log 	enabled	
/etc/snmpd.conf:#snmpd		maxpacket=1024 querytimeout=120 smuxtimeout=60
/etc/snmpd.peers:# tcpip610 src/tcpip/etc/snmpd.peers 1.5 
/etc/snmpd.peers:# @(#)94        1.5  src/tcpip/etc/snmpd.peers, snmp, tcpip610 11/19/96 16:10:34
/etc/snmpd.peers:# FILE:	/etc/snmpd.peers
/etc/snmpd.peers:# snmpd configuration for SMUX peers
/etc/snmpd.peers:#    snmpd daemon requires from the SMUX peer client to authenticate
/etc/snmpmibd.conf:# tcpip610 src/tcpip/etc/snmpmibd.conf 1.3 
/etc/snmpmibd.conf:# @(#)46        1.3  src/tcpip/etc/snmpmibd.conf, snmp, tcpip610 6/5/04 14:55:32
/etc/snmpmibd.conf:#   snmpmibd.conf -- AIX SNMP MIB Subagent configuration file
/etc/snmpmibd.conf:logFileName=/usr/tmp/snmpmibd.log
/etc/tcp.clean:	snmpd \

inittab:


Code:
init:2:initdefault:
brc::sysinit:/sbin/rc.boot 3 >/dev/console 2>&1 # Phase 3 of system boot
powerfail::powerfail:/etc/rc.powerfail 2>&1 | alog -tboot > /dev/console # Power Failure Detection
mkatmpvc:2:once:/usr/sbin/mkatmpvc >/dev/console 2>&1
atmsvcd:2:once:/usr/sbin/atmsvcd >/dev/console 2>&1
tunables:23456789:wait:/usr/sbin/tunrestore -R > /dev/console 2>&1 # Set tunables
securityboot:2:bootwait:/etc/rc.security.boot > /dev/console 2>&1
rc:23456789:wait:/etc/rc 2>&1 | alog -tboot > /dev/console # Multi-User checks
srcmstr:23456789:respawn:/usr/sbin/srcmstr # System Resource Controller
platform_agent:2:once:/usr/bin/startsrc -s platform_agent >/dev/null 2>&1
rctcpip:23456789:wait:/etc/rc.tcpip > /dev/console 2>&1 # Start TCP/IP daemons
:ldapclntd:23456789:wait:/usr/sbin/start-secldapclntd  > /dev/console 2>&1 
rckrb5:2:wait:/etc/rc.krb5 > /dev/console 2>&1
aso:23456789:once:/usr/bin/startsrc -s aso
fbcheck:23456789:wait:/usr/sbin/fbcheck 2>&1 | alog -tboot > /dev/console # run /etc/firstboot
cron:23456789:respawn:/usr/sbin/cron
clusterconf:23456789:once:/usr/sbin/clusterconf
:piobe:2:wait:/usr/lib/lpd/pioinit_cp >/dev/null 2>&1  # pb cleanup
cons:0123456789:respawn:/usr/sbin/getty /dev/console
:qdaemon:23456789:wait:/usr/bin/startsrc -sqdaemon
writesrv:23456789:wait:/usr/bin/startsrc -swritesrv
uprintfd:23456789:respawn:/usr/sbin/uprintfd
shdaemon:2:off:/usr/sbin/shdaemon >/dev/console 2>&1 # High availability daemon
trustedboot:2:wait:/etc/rc.trustedboot > /dev/console 2>&1 # Get trusted log and start TCSD
l2:2:wait:/etc/rc.d/rc 2 
l3:3:wait:/etc/rc.d/rc 3 
l4:4:wait:/etc/rc.d/rc 4 
l5:5:wait:/etc/rc.d/rc 5 
l6:6:wait:/etc/rc.d/rc 6 
l7:7:wait:/etc/rc.d/rc 7 
l8:8:wait:/etc/rc.d/rc 8 
l9:9:wait:/etc/rc.d/rc 9 
naudio2::boot:/usr/sbin/naudio2 > /dev/null
naudio::boot:/usr/sbin/naudio > /dev/null
rcml:2:once:/usr/ml/aix71/rc.ml > /dev/console 2>&1
rcwpars:2:once:/etc/rc.wpars > /dev/console 2>&1 # Corrals autostart
logsymp:2:once:/usr/lib/ras/logsymptom # for system dumps
perfstat:2:once:/usr/lib/perf/libperfstat_updt_dictionary >/dev/console 2>&1
diagd:2:once:/usr/lpp/diagnostics/bin/diagd >/dev/console 2>&1
artex:2:wait:/usr/sbin/artexset -q -c -R /etc/security/artex/config/master_profile.xml > /dev/console 2>&1
cimservices:2:once:/usr/bin/startsrc -s cimsys >/dev/null 2>&1
clcomd:23456789:once:/usr/bin/startsrc -s clcomd
pconsole:2:once:/usr/bin/startsrc -s pconsole  > /dev/null 2>&1
xmdaily:2:once:/usr/bin/topasrec -L -s 300 -R 1 -r 6 -o /etc/perf/daily/ -ypersistent=1 2>&1 >/dev/null #Start local binary recording
cas_agent:2:once:/usr/bin/startsrc -s cas_agent >/dev/null 2>&1
ctrmc:2:once:/usr/bin/startsrc -s ctrmc > /dev/console 2>&1
ha_star:h2:once:/etc/rc.ha_star >/dev/console 2>&1
audit:2:once:audit start > /dev/console 2>&1 # Start audit
:lpd:2:once:/usr/bin/startsrc -s lpd
:dt:2:wait:/etc/rc.dtpscrtc:2:once: /usr/bin/startsrc -s rtcdvty0:2:off:/usr/sbin/getty /dev/vty0

Any ideas?
Sponsored Links
    #2  
Old 03-22-2013
MichaelFelt MichaelFelt is offline
Registered User
 
Join Date: Nov 2012
Last Activity: 11 December 2013, 7:33 AM EST
Location: on the road for work; home is private time
Posts: 311
Thanks: 6
Thanked 75 Times in 71 Posts
I will have to look for doing it "manually", give me a moment, to a day (as I have a plane to catch shortly).

1) Use smitty otherserv to turn it off

Ulimately, it will do/tell you (I found it already!) to use this command.
# /usr/sbin/chrctcp -S -d snmpd

However, if you are hardening AIX, a much easier way is to use aix security expert - aixpert .
# aixpert -l h probably does more than you want.
# aixpert -l m is a good basic starting point.

You can do them in either order, aixpert knows what to do. FYI you can also create a custom XML file (once you understand better whet you want) to make something different.

To save a lot of typing - I recommend reading the man page and/or Security.pdf (to be found at/via AIX InfoCenter).
Sponsored Links
    #3  
Old 03-22-2013
Janpol Janpol is offline
Registered User
 
Join Date: Mar 2013
Last Activity: 25 September 2013, 10:54 AM EDT
Posts: 9
Thanks: 3
Thanked 2 Times in 2 Posts
Quote:
Originally Posted by MichaelFelt View Post
# /usr/sbin/chrctcp -S -d snmpd

However, if you are hardening AIX, a much easier way is to use aix security expert - aixpert .
# aixpert -l h probably does more than you want.
# aixpert -l m is a good basic starting point.
I've run chrctcp, and customized the high level security profile and applied it. In fact, I've noticed that the snmpd service was running because I'm using Real time Compliance, to check that my configurations in the AIXpert profile are in place. My only guess is that I'm running a process/service that starts the snmpd service.
    #4  
Old 03-22-2013
MichaelFelt MichaelFelt is offline
Registered User
 
Join Date: Nov 2012
Last Activity: 11 December 2013, 7:33 AM EST
Location: on the road for work; home is private time
Posts: 311
Thanks: 6
Thanked 75 Times in 71 Posts
I would run chmod 0 on the actual programs:

Code:
# ls -l /usr/sbin/snmpd*
lrwxrwxrwx 1 root system      9 Oct 18 18:59 /usr/sbin/snmpd -> snmpdv3ne
-rwxr-x--- 1 root system 363992 Oct  2 21:51 /usr/sbin/snmpd64v1
-rwxr-x--- 1 root system 335192 Oct  2 21:52 /usr/sbin/snmpdv1
-rwxr-x--- 1 root system 336148 Nov 16  2011 /usr/sbin/snmpdv3ne

better would be to customize aixpert to use
Code:
fpm

to do that for you.

p.s., you could move the originals away and write a script/program to tell you who/what is trying to start it. I would expect it to be something super-user powered.

As you have spoken about RBAC check that noone has authorization to start it anyway.


Code:
michael@x054:[/home/michael]lssecattr -c /usr/sbin/snmpdv3ne
/usr/sbin/snmpdv3ne accessauths=aix.network.daemon,ALLOW_OWNER innateprivs=PV_NET_PORT,PV_DAC_R,PV_DAC_W,PV_DAC_X,PV_DAC_GID,PV_DAC_UID,PV_PROC_RAC secflags=FSF_EPS

The Following User Says Thank You to MichaelFelt For This Useful Post:
Janpol (03-22-2013)
Sponsored Links
    #5  
Old 03-22-2013
Janpol Janpol is offline
Registered User
 
Join Date: Mar 2013
Last Activity: 25 September 2013, 10:54 AM EDT
Posts: 9
Thanks: 3
Thanked 2 Times in 2 Posts
Quote:
Originally Posted by MichaelFelt View Post
I would run chmod 0 on the actual programs:

Code:
# ls -l /usr/sbin/snmpd*
lrwxrwxrwx 1 root system      9 Oct 18 18:59 /usr/sbin/snmpd -> snmpdv3ne
-rwxr-x--- 1 root system 363992 Oct  2 21:51 /usr/sbin/snmpd64v1
-rwxr-x--- 1 root system 335192 Oct  2 21:52 /usr/sbin/snmpdv1
-rwxr-x--- 1 root system 336148 Nov 16  2011 /usr/sbin/snmpdv3ne

better would be to customize aixpert to use
Code:
fpm

to do that for you.
I've done this, snmp won't start now and so far anything is broken

Quote:
Originally Posted by MichaelFelt View Post
As you have spoken about RBAC check that noone has authorization to start it anyway.


Code:
michael@x054:[/home/michael]lssecattr -c /usr/sbin/snmpdv3ne
/usr/sbin/snmpdv3ne accessauths=aix.network.daemon,ALLOW_OWNER innateprivs=PV_NET_PORT,PV_DAC_R,PV_DAC_W,PV_DAC_X,PV_DAC_GID,PV_DAC_UID,PV_PROC_RAC secflags=FSF_EPS

Indeed, no user has authorization to start this.
Sponsored Links
Closed Thread

Thread Tools Search this Thread
Search this Thread:

Advanced Search
Display Modes

More UNIX and Linux Forum Topics You Might Find Helpful
Thread Thread Starter Forum Replies Last Post
SSL/TLS renegotiation DoS -how to disable? Is it advisable to disable? manalisharmabe Red Hat 2 10-24-2011 04:57 AM
How to disable Enable/Disable Tab Key carnegiex Shell Programming and Scripting 1 12-13-2009 11:00 AM
SNMPD: need a little help. draco HP-UX 0 09-19-2008 03:32 AM
Snmpd jess_t03 Linux 0 10-11-2007 01:51 PM
snmpd modification problem helloajith AIX 1 09-06-2006 06:54 AM



All times are GMT -4. The time now is 05:14 PM.