Hi everyone, I am struggling with something that I thought would be really easy. I want to disable snmpd, but every time I reboot my server, it starts again. I've commented it out in the rc.tcpip file, but it still starts automatically.
Code:
# Start up the Simple Network Management Protocol (SNMP) daemon
#start /usr/sbin/snmpd "$src_running"
I've also commented out the following:
Code:
# Start up the hostmibd daemon
#start /usr/sbin/hostmibd "$src_running"
# Start up the snmpmibd daemon
#start /usr/sbin/snmpmibd "$src_running"
# Start up the aixmibd daemon
#start /usr/sbin/aixmibd "$src_running"
In fact, the only thing that isn't commented out is this:
Code:
# Start up socket-based daemons
start /usr/sbin/inetd "$src_running"
This is my inetd.conf file:
Code:
## service socket protocol wait/ user server server program
## name type nowait program arguments
##
#ftp stream tcp6 nowait root /usr/sbin/ftpd ftpd
#telnet stream tcp6 nowait root /usr/sbin/telnetd telnetd -a
#shell stream tcp6 nowait root /usr/sbin/rshd rshd
#kshell stream tcp nowait root /usr/sbin/krshd krshd
#login stream tcp6 nowait root /usr/sbin/rlogind rlogind
#klogin stream tcp nowait root /usr/sbin/krlogind krlogind
#exec stream tcp6 nowait root /usr/sbin/rexecd rexecd
#comsat dgram udp wait root /usr/sbin/comsat comsat
#uucp stream tcp nowait root /usr/sbin/uucpd uucpd
#bootps dgram udp wait root /usr/sbin/bootpd bootpd /etc/bootptab
##
## Finger, systat and netstat give out user information which may be
## valuable to potential "system crackers." Many sites choose to disable
## some or all of these services to improve security.
##
#finger stream tcp nowait nobody /usr/sbin/fingerd fingerd
#systat stream tcp nowait nobody /usr/bin/ps ps -ef
#netstat stream tcp nowait nobody /usr/bin/netstat netstat -f inet
#
#tftp dgram udp6 SRC nobody /usr/sbin/tftpd tftpd -n
#talk dgram udp wait root /usr/sbin/talkd talkd
#ntalk dgram udp wait root /usr/sbin/talkd talkd
#
# rexd uses very minimal authentication and many sites choose to disable
# this service to improve security.
#
#rquotad sunrpc_udp udp wait root /usr/sbin/rpc.rquotad rquotad 100011 1
#rexd sunrpc_tcp tcp wait root /usr/sbin/rpc.rexd rexd 100017 1
#rstatd sunrpc_udp udp wait root /usr/sbin/rpc.rstatd rstatd 100001 1-3
#rusersd sunrpc_udp udp wait root /usr/lib/netsvc/rusers/rpc.rusersd rusersd 100002 1-2
#rwalld sunrpc_udp udp wait root /usr/lib/netsvc/rwall/rpc.rwalld rwalld 100008 1
#sprayd sunrpc_udp udp wait root /usr/lib/netsvc/spray/rpc.sprayd sprayd 100012 1
#pcnfsd sunrpc_udp udp wait root /usr/sbin/rpc.pcnfsd pcnfsd 150001 1-2
#echo stream tcp nowait root internal
#discard stream tcp nowait root internal
#chargen stream tcp nowait root internal
#daytime stream tcp nowait root internal
#time stream tcp nowait root internal
#echo dgram udp wait root internal
#discard dgram udp wait root internal
#chargen dgram udp wait root internal
#daytime dgram udp wait root internal
#time dgram udp wait root internal
#dtspc stream tcp nowait root
#ttdbserver sunrpc_tcp tcp wait
#cmsd sunrpc_udp udp wait root
## The following line is for installing over the network.
#instsrv stream tcp nowait netinst /u/netinst/bin/instsrv instsrv -r /tmp/netinstalllog /u/netinst/scripts
#imap2 stream tcp nowait root /usr/sbin/imapd imapd
#pop3 stream tcp nowait root /usr/sbin/pop3d pop3d
caa_cfg stream tcp6 nowait root /usr/sbin/clusterconf clusterconf >>/var/adm/ras/clusterconf.log 2>&1
xmquery dgram udp wait root /usr/bin/xmtopas xmtopas -p3
And the output of grep snmp /etc/* 2>/dev/null :
Code:
/etc/aixmibd.conf:# @(#)59 1.10 src/tcpip/etc/aixmibd.conf, smsnmp, tcpip610 6/20/03 11:02:48
/etc/aixmibd.conf:# extension, /usr/samples/snmpd/aixmib.my.
/etc/atm.defs:-- @(#)17 1.2 src/tcpip/etc/atm.defs, snmpatm, tcpip610 8/14/97 11:32:19
/etc/clsnmp.conf:# tcpip610 src/tcpip/etc/clsnmp.conf 1.1
/etc/clsnmp.conf:# @(#)29 1.1 src/tcpip/etc/clsnmp.conf, snmp, tcpip610 2/4/02 21:51:04
/etc/clsnmp.conf:# As the clsnmp command supports both issuance of SNMP requests and receipt
/etc/clsnmp.conf:# of SNMP traps, the entries in the clsnmp.conf file must be defined for both
/etc/gated.conf:# timer, parse, route, kernel, bgp, egp, rip, hello, icmp, snmp,
/etc/gated.conf:# snmp yes|no|on|off [ {
/etc/mib.defs:-- @(#)92 1.24 src/tcpip/etc/mib.defs, snmp, tcpip61H, 0913A_61H 3/19/09 12:55:17
/etc/mib.defs:risc6000snmpd risc6000agents.1
/etc/mib.defs:risc6000snmpmibd risc6000agents.6
/etc/mib.defs:snmp mib-2.11
/etc/mib.defs:snmpInPkts snmp.1 Counter read-only mandatory
/etc/mib.defs:snmpOutPkts snmp.2 Counter read-only mandatory
/etc/mib.defs:snmpInBadVersions snmp.3 Counter read-only mandatory
/etc/mib.defs:snmpInBadCommunityNames snmp.4 Counter read-only mandatory
/etc/mib.defs:snmpInBadCommunityUses snmp.5 Counter read-only mandatory
/etc/mib.defs:snmpInASNParseErrs snmp.6 Counter read-only mandatory
/etc/mib.defs:snmpInTooBigs snmp.8 Counter read-only mandatory
/etc/mib.defs:snmpInNoSuchNames snmp.9 Counter read-only mandatory
/etc/mib.defs:snmpInBadValues snmp.10 Counter read-only mandatory
/etc/mib.defs:snmpInReadOnlys snmp.11 Counter read-only mandatory
/etc/mib.defs:snmpInGenErrs snmp.12 Counter read-only mandatory
/etc/mib.defs:snmpInTotalReqVars snmp.13 Counter read-only mandatory
/etc/mib.defs:snmpInTotalSetVars snmp.14 Counter read-only mandatory
/etc/mib.defs:snmpInGetRequests snmp.15 Counter read-only mandatory
/etc/mib.defs:snmpInGetNexts snmp.16 Counter read-only mandatory
/etc/mib.defs:snmpInSetRequests snmp.17 Counter read-only mandatory
/etc/mib.defs:snmpInGetResponses snmp.18 Counter read-only mandatory
/etc/mib.defs:snmpInTraps snmp.19 Counter read-only mandatory
/etc/mib.defs:snmpOutTooBigs snmp.20 Counter read-only mandatory
/etc/mib.defs:snmpOutNoSuchNames snmp.21 Counter read-only mandatory
/etc/mib.defs:snmpOutBadValues snmp.22 Counter read-only mandatory
/etc/mib.defs:snmpOutGenErrs snmp.24 Counter read-only mandatory
/etc/mib.defs:snmpOutGetRequests snmp.25 Counter read-only mandatory
/etc/mib.defs:snmpOutGetNexts snmp.26 Counter read-only mandatory
/etc/mib.defs:snmpOutSetRequests snmp.27 Counter read-only mandatory
/etc/mib.defs:snmpOutGetResponses snmp.28 Counter read-only mandatory
/etc/mib.defs:snmpOutTraps snmp.29 Counter read-only mandatory
/etc/mib.defs:snmpEnableAuthenTraps snmp.30 INTEGER read-write mandatory
/etc/mib.defs:snmpSilentDrops snmp.31 Counter32 read-only current
/etc/mib.defs:snmpProxyDrops snmp.32 Counter32 read-only current
/etc/mib.defs:snmpDomain viewDomains.1
/etc/mib.defs:rfc1157Domain snmpDomain.1
/etc/mib.defs:cltsDomain snmpDomain.3
/etc/mib.defs:cotsNDomain snmpDomain.4
/etc/mib.defs:cotsXDomain snmpDomain.5
/etc/mib.defs:snmpV2 internet.6
/etc/mib.defs:snmpDomains snmpV2.1
/etc/mib.defs:snmpProxys snmpV2.2
/etc/mib.defs:snmpModules snmpV2.3
/etc/mib.defs:snmpFrameworkMIB snmpModules.10
/etc/mib.defs:snmpFrameworkAdmin snmpFrameworkMIB.1
/etc/mib.defs:snmpAuthProtocols snmpFrameworkAdmin.1
/etc/mib.defs:snmpPrivProtocols snmpFrameworkAdmin.2
/etc/mib.defs:snmpFrameworkMIBObjects snmpFrameworkMIB.2
/etc/mib.defs:snmpEngine snmpFrameworkMIBObjects.1
/etc/mib.defs:snmpEngineID snmpEngine.1 OctetString read-only current
/etc/mib.defs:snmpEngineBoots snmpEngine.2 INTEGER read-only current
/etc/mib.defs:snmpEngineTime snmpEngine.3 INTEGER read-only current
/etc/mib.defs:snmpEngineMaxMessageSize snmpEngine.4 INTEGER read-only current
/etc/mib.defs:snmpFrameworkMIBConformance snmpFrameworkMIB.3
/etc/mib.defs:snmpFrameworkMIBCompliances snmpFrameworkMIBConformance.1
/etc/mib.defs:snmpFrameworkMIBCompliance snmpFrameworkMIBCompliances.1
/etc/mib.defs:snmpFrameworkMIBGroups snmpFrameworkMIBConformance.2
/etc/mib.defs:snmpEngineGroup snmpFrameworkMIBGroups.1
/etc/mib.defs:snmpMPDMIB snmpModules.11
/etc/mib.defs:snmpMPDAdmin snmpMPDMIB.1
/etc/mib.defs:snmpMPDMIBObjects snmpMPDMIB.2
/etc/mib.defs:snmpMPDStats snmpMPDMIBObjects.1
/etc/mib.defs:snmpUnknownSecurityModels snmpMPDStats.1 Counter32 read-only current
/etc/mib.defs:snmpInvalidMsgs snmpMPDStats.2 Counter32 read-only current
/etc/mib.defs:snmpUnknownPDUHandlers snmpMPDStats.3 Counter32 read-only current
/etc/mib.defs:snmpMPDMIBConformance snmpMPDMIB.3
/etc/mib.defs:snmpMPDMIBCompliances snmpMPDMIBConformance.1
/etc/mib.defs:snmpMPDCompliance snmpMPDMIBCompliances.1
/etc/mib.defs:snmpMPDMIBGroups snmpMPDMIBConformance.2
/etc/mib.defs:snmpMPDGroup snmpMPDMIBGroups.1
/etc/mib.defs:snmpTargetMIB snmpModules.12
/etc/mib.defs:snmpTargetObjects snmpTargetMIB.1
/etc/mib.defs:snmpTargetSpinLock snmpTargetObjects.1 TestAndIncr read-write current
/etc/mib.defs:snmpTargetAddrTable snmpTargetObjects.2 Table not-accessible current
/etc/mib.defs:snmpTargetAddrEntry snmpTargetAddrTable.1 Row not-accessible current
/etc/mib.defs:snmpTargetAddrName snmpTargetAddrEntry.1 SnmpAdminString not-accessible current
/etc/mib.defs:snmpTargetAddrTDomain snmpTargetAddrEntry.2 TDomain read-create current
/etc/mib.defs:snmpTargetAddrTAddress snmpTargetAddrEntry.3 TAddress read-create current
/etc/mib.defs:snmpTargetAddrTimeout snmpTargetAddrEntry.4 TimeInterval read-create current
/etc/mib.defs:snmpTargetAddrRetryCount snmpTargetAddrEntry.5 Integer32 read-create current
/etc/mib.defs:snmpTargetAddrTagList snmpTargetAddrEntry.6 SnmpTagList read-create current
/etc/mib.defs:snmpTargetAddrParams snmpTargetAddrEntry.7 SnmpAdminString read-create current
/etc/mib.defs:snmpTargetAddrStorageType snmpTargetAddrEntry.8 StorageType read-create current
/etc/mib.defs:snmpTargetAddrRowStatus snmpTargetAddrEntry.9 RowStatus read-create current
/etc/mib.defs:snmpTargetParamsTable snmpTargetObjects.3 Table not-accessible current
/etc/mib.defs:snmpTargetParamsEntry snmpTargetParamsTable.1 Row not-accessible current
/etc/mib.defs:snmpTargetParamsName snmpTargetParamsEntry.1 SnmpAdminString not-accessible current
/etc/mib.defs:snmpTargetParamsMPModel snmpTargetParamsEntry.2 SnmpMessageProcessingModel read-create current
/etc/mib.defs:snmpTargetParamsSecurityModel snmpTargetParamsEntry.3 SnmpSecurityModel read-create current
/etc/mib.defs:snmpTargetParamsSecurityName snmpTargetParamsEntry.4 SnmpAdminString read-create current
/etc/mib.defs:snmpTargetParamsSecurityLevel snmpTargetParamsEntry.5 SnmpSecurityLevel read-create current
/etc/mib.defs:snmpTargetParamsStorageType snmpTargetParamsEntry.6 StorageType read-create current
/etc/mib.defs:snmpTargetParamsRowStatus snmpTargetParamsEntry.7 RowStatus read-create current
/etc/mib.defs:snmpUnavailableContexts snmpTargetObjects.4 Counter32 read-only current
/etc/mib.defs:snmpUnknownContexts snmpTargetObjects.5 Counter32 read-only current
/etc/mib.defs:snmpTargetConformance snmpTargetMIB.3
/etc/mib.defs:snmpTargetCompliances snmpTargetConformance.1
/etc/mib.defs:snmpTargetCommandResponderCompliance snmpTargetCompliances.1
/etc/mib.defs:snmpTargetGroups snmpTargetConformance.2
/etc/mib.defs:snmpTargetBasicGroup snmpTargetGroups.1
/etc/mib.defs:snmpTargetResponseGroup snmpTargetGroups.2
/etc/mib.defs:snmpTargetCommandResponderGroup snmpTargetGroups.3
/etc/mib.defs:snmpNotificationMIB snmpModules.13
/etc/mib.defs:snmpNotifyObjects snmpNotificationMIB.1
/etc/mib.defs:snmpNotifyTable snmpNotifyObjects.1 Table not-accessible current
/etc/mib.defs:snmpNotifyEntry snmpNotifyTable.1 Row not-accessible current
/etc/mib.defs:snmpNotifyName snmpNotifyEntry.1 SnmpAdminString not-accessible current
/etc/mib.defs:snmpNotifyTag snmpNotifyEntry.2 SnmpTagValue read-create current
/etc/mib.defs:snmpNotifyType snmpNotifyEntry.3 INTEGER read-create current
/etc/mib.defs:snmpNotifyStorageType snmpNotifyEntry.4 StorageType read-create current
/etc/mib.defs:snmpNotifyRowStatus snmpNotifyEntry.5 RowStatus read-create current
/etc/mib.defs:snmpNotifyFilterProfileTable snmpNotifyObjects.2 Table not-accessible current
/etc/mib.defs:snmpNotifyFilterProfileEntry snmpNotifyFilterProfileTable.1 Row not-accessible current
/etc/mib.defs:snmpNotifyFilterProfileName snmpNotifyFilterProfileEntry.1 SnmpAdminString read-create current
/etc/mib.defs:snmpNotifyFilterProfileStorType snmpNotifyFilterProfileEntry.2 StorageType read-create current
/etc/mib.defs:snmpNotifyFilterProfileRowStatus snmpNotifyFilterProfileEntry.3 RowStatus read-create current
/etc/mib.defs:snmpNotifyFilterTable snmpNotifyObjects.3 Table not-accessible current
/etc/mib.defs:snmpNotifyFilterEntry snmpNotifyFilterTable.1 Row not-accessible current
/etc/mib.defs:snmpNotifyFilterSubtree snmpNotifyFilterEntry.1 ObjectID not-accessible current
/etc/mib.defs:snmpNotifyFilterMask snmpNotifyFilterEntry.2 OctetString read-create current
/etc/mib.defs:snmpNotifyFilterType snmpNotifyFilterEntry.3 INTEGER read-create current
/etc/mib.defs:snmpNotifyFilterStorageType snmpNotifyFilterEntry.4 StorageType read-create current
/etc/mib.defs:snmpNotifyFilterRowStatus snmpNotifyFilterEntry.5 RowStatus read-create current
/etc/mib.defs:snmpNotifyConformance snmpNotificationMIB.3
/etc/mib.defs:snmpNotifyCompliances snmpNotifyConformance.1
/etc/mib.defs:snmpNotifyBasicCompliance snmpNotifyCompliances.1
/etc/mib.defs:snmpNotifyBasicFiltersCompliance snmpNotifyCompliances.2
/etc/mib.defs:snmpNotifyFullCompliance snmpNotifyCompliances.3
/etc/mib.defs:snmpNotifyGroups snmpNotifyConformance.2
/etc/mib.defs:snmpNotifyGroup snmpNotifyGroups.1
/etc/mib.defs:snmpNotifyFilterGroup snmpNotifyGroups.2
/etc/mib.defs:snmpProxyMIB snmpModules.14
/etc/mib.defs:snmpProxyObjects snmpProxyMIB.1
/etc/mib.defs:snmpProxyTable snmpProxyObjects.2 Table not-accessible current
/etc/mib.defs:snmpProxyEntry snmpProxyTable.1 Row not-accessible current
/etc/mib.defs:snmpProxyName snmpProxyEntry.1 SnmpAdminString not-accessible current
/etc/mib.defs:snmpProxyType snmpProxyEntry.2 INTEGER read-create current
/etc/mib.defs:snmpProxyContextEngineID snmpProxyEntry.3 SnmpEngineID read-create current
/etc/mib.defs:snmpProxyContextName snmpProxyEntry.4 SnmpAdminString read-create current
/etc/mib.defs:snmpProxyTargetParamsIn snmpProxyEntry.5 SnmpAdminString read-create current
/etc/mib.defs:snmpProxySingleTargetOut snmpProxyEntry.6 SnmpAdminString read-create current
/etc/mib.defs:snmpProxyMultipleTargetOut snmpProxyEntry.7 SnmpTagValue read-create current
/etc/mib.defs:snmpProxyStorageType snmpProxyEntry.8 StorageType read-create current
/etc/mib.defs:snmpProxyRowStatus snmpProxyEntry.9 RowStatus read-create current
/etc/mib.defs:snmpProxyConformance snmpProxyMIB.3
/etc/mib.defs:snmpProxyCompliances snmpProxyConformance.1
/etc/mib.defs:snmpProxyCompliance snmpProxyCompliances.1
/etc/mib.defs:snmpProxyGroups snmpProxyConformance.2
/etc/mib.defs:snmpProxyGroup snmpProxyGroups.3
/etc/mib.defs:usmNoAuthProtocol snmpAuthProtocols.1
/etc/mib.defs:usmHMACMD5AuthProtocol snmpAuthProtocols.2
/etc/mib.defs:usmHMACSHAAuthProtocol snmpAuthProtocols.3
/etc/mib.defs:usmNoPrivProtocol snmpPrivProtocols.1
/etc/mib.defs:usmDESPrivProtocol snmpPrivProtocols.2
/etc/mib.defs:snmpUsmMIB snmpModules.15
/etc/mib.defs:usmMIBObjects snmpUsmMIB.1
/etc/mib.defs:usmMIBConformance snmpUsmMIB.2
/etc/mib.defs:snmpVacmMIB snmpModules.16
/etc/mib.defs:vacmMIBObjects snmpVacmMIB.1
/etc/mib.defs:vacmMIBConformance snmpVacmMIB.2
/etc/mrouted.conf:# NOTE: ONLY uncomment the following if you are running mrouted.snmp!
/etc/rc.tcpip:#start /usr/sbin/snmpd "$src_running"
/etc/rc.tcpip:# Start up the snmpmibd daemon
/etc/rc.tcpip:#start /usr/sbin/snmpmibd "$src_running"
/etc/services:snmp 161/tcp # SNMP
/etc/services:snmp 161/udp # SNMP
/etc/services:snmptrap 162/tcp # SNMPTRAP
/etc/services:snmptrap 162/udp # SNMPTRAP
/etc/services:snmp-tcp-port 1993/tcp # cisco SNMP TCP port
/etc/services:snmp-tcp-port 1993/udp # cisco SNMP TCP port
/etc/services:oce-snmp-trap 2697/tcp # Oce SNMP Trap Port
/etc/services:oce-snmp-trap 2697/udp # Oce SNMP Trap Port
/etc/services:websphere-snmp 3427/tcp # WebSphere SNMP
/etc/services:websphere-snmp 3427/udp # WebSphere SNMP
/etc/services:patrol-snmp 8161/tcp # Patrol SNMP
/etc/services:patrol-snmp 8161/udp # Patrol SNMP
/etc/snmpd.conf:# tcpip610 src/tcpip/etc/snmpd.conf 1.14
/etc/snmpd.conf:# @(#)93 1.14 src/tcpip/etc/snmpd.conf, snmp, tcpip610 6/5/04 14:53:19
/etc/snmpd.conf:# FILE: /etc/snmpd.conf
/etc/snmpd.conf:# snmpd configuration information
/etc/snmpd.conf:# requests of this snmpd agent. Define these restrictions as follows:
/etc/snmpd.conf:# name is not implemented for traps. The snmpd agent only checks
/etc/snmpd.conf:# 5. Set your snmpd specific configuration parameters as follows:
/etc/snmpd.conf:# snmpd <variable>=<value>
/etc/snmpd.conf:# bytes, that the snmpd agent will transmit. The minimum value to
/etc/snmpd.conf:# which maxpacket can be set is 300 bytes. If there is no snmpd entry
/etc/snmpd.conf:# at which the snmpd agent will query the interfaces to check for
/etc/snmpd.conf:# can be set is 30 seconds. If 0 (zero) is specified, snmpd will not
/etc/snmpd.conf:# query the interfaces for status changes. If no snmpd entry for
/etc/snmpd.conf:# seconds, at which snmpd will timeout on a request to a smux peer.
/etc/snmpd.conf:# If 0 (zero) is specified, snmpd will not timeout on smux requests.
/etc/snmpd.conf:# If no snmpd entry for smuxtimeout is specified, the default value
/etc/snmpd.conf:# (i.e., the machine on which snmpd is running) will be used for all SMUX
/etc/snmpd.conf:# the order in which the fields are entered in the snmpd entry. An
/etc/snmpd.conf:# snmpd entry can contain single or multiple fields.
/etc/snmpd.conf:# password that snmpd requires from the SMUX peer client to authenticate
/etc/snmpd.conf:# If the values are not set in these files, the snmpd daemon will return a
/etc/snmpd.conf:logging file=/usr/tmp/snmpd.log enabled
/etc/snmpd.conf:#snmpd maxpacket=1024 querytimeout=120 smuxtimeout=60
/etc/snmpd.peers:# tcpip610 src/tcpip/etc/snmpd.peers 1.5
/etc/snmpd.peers:# @(#)94 1.5 src/tcpip/etc/snmpd.peers, snmp, tcpip610 11/19/96 16:10:34
/etc/snmpd.peers:# FILE: /etc/snmpd.peers
/etc/snmpd.peers:# snmpd configuration for SMUX peers
/etc/snmpd.peers:# snmpd daemon requires from the SMUX peer client to authenticate
/etc/snmpmibd.conf:# tcpip610 src/tcpip/etc/snmpmibd.conf 1.3
/etc/snmpmibd.conf:# @(#)46 1.3 src/tcpip/etc/snmpmibd.conf, snmp, tcpip610 6/5/04 14:55:32
/etc/snmpmibd.conf:# snmpmibd.conf -- AIX SNMP MIB Subagent configuration file
/etc/snmpmibd.conf:logFileName=/usr/tmp/snmpmibd.log
/etc/tcp.clean: snmpd \
Location: on the road for work; home is private time
I will have to look for doing it "manually", give me a moment, to a day (as I have a plane to catch shortly).
1) Use smitty otherserv to turn it off
Ultimately, it will do/tell you (I found it already!) to use this command. # /usr/sbin/chrctcp -S -d snmpd
However, if you are hardening AIX, a much easier way is to use aix security expert - aixpert. # aixpert -l h probably does more than you want. # aixpert -l m is a good basic starting point.
You can do them in either order, aixpert knows what to do. FYI you can also create a custom XML file (once you understand better what you want) to make something different.
To save a lot of typing - I recommend reading the man page and/or Security.pdf (to be found at/via AIX InfoCenter).
Quote:
However, if you are hardening AIX, a much easier way is to use aix security expert - aixpert. # aixpert -l h probably does more than you want. # aixpert -l m is a good basic starting point.
I've run chrctcp, and customized the high level security profile and applied it. In fact, I've noticed that the snmpd service was running because I'm using Real time Compliance, to check that my configurations in the AIXpert profile are in place. My only guess is that I'm running a process/service that starts the snmpd service.
Location: on the road for work; home is private time
I would run chmod 0 on the actual programs:
Code:
# ls -l /usr/sbin/snmpd*
lrwxrwxrwx 1 root system 9 Oct 18 18:59 /usr/sbin/snmpd -> snmpdv3ne
-rwxr-x--- 1 root system 363992 Oct 2 21:51 /usr/sbin/snmpd64v1
-rwxr-x--- 1 root system 335192 Oct 2 21:52 /usr/sbin/snmpdv1
-rwxr-x--- 1 root system 336148 Nov 16 2011 /usr/sbin/snmpdv3ne
Better would be to customize aixpert to use fpm to do that for you.
p.s., you could move the originals away and write a script/program to tell you who/what is trying to start it. I would expect it to be something super-user powered.
As you have spoken about RBAC check that no one has authorization to start it anyway.
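One way to write the stand-in script suggested in the p.s. above, as an added example that is not part of the original post: it is installed under the daemon's name after the real binaries have been moved away, and logs the chain of calling processes instead of starting anything. The log path, the SNMPD_TRAP_LOG variable and the function names are assumptions made for this example.

```shell
#!/bin/sh
# Added example: stand-in placed at the path the daemon is started from
# (e.g. /usr/sbin/snmpd) once the real binaries have been moved away.
# It records who tried to start it and never runs a daemon.
# LOG path and function names are assumptions made for this example.

LOG="${SNMPD_TRAP_LOG:-/var/adm/ras/snmpd_start_attempts.log}"

# Print "pid|user|args" for one process, or nothing if it no longer exists.
proc_info() {
    ps -o pid= -o user= -o args= -p "$1" 2>/dev/null |
        awk '{ pid=$1; user=$2; $1=""; $2=""; sub(/^ +/, ""); print pid "|" user "|" $0 }'
}

# Print the parent PID of a process (empty if the process is gone).
parent_of() {
    ps -o ppid= -p "$1" 2>/dev/null | tr -d ' '
}

# Walk from the given PID up to init, one "[depth] pid|user|args" line per ancestor.
ancestry() {
    pid=$1
    depth=0
    while [ -n "$pid" ] && [ "$pid" -gt 0 ] && [ "$depth" -lt 32 ]; do
        info=$(proc_info "$pid")
        [ -n "$info" ] || break
        printf '  [%d] %s\n' "$depth" "$info"
        [ "$pid" -eq 1 ] && break
        pid=$(parent_of "$pid")
        depth=$((depth + 1))
    done
}

# Append one record: timestamp, the arguments we were called with, the caller chain.
record_attempt() {
    start_pid=$1; shift
    {
        printf '%s start attempt, argv: %s\n' "$(date '+%Y-%m-%d %H:%M:%S')" "$*"
        ancestry "$start_pid"
    } >> "$LOG"
}

# Act only when invoked under the daemon's name, so the file can also be sourced.
case "${0##*/}" in
    snmpd*)
        record_attempt "$PPID" "$@"
        exit 1   # non-zero, so the failed start is visible to the caller
        ;;
esac
```

On AIX a subsystem started through SRC is spawned by srcmstr, so an entry whose parent is srcmstr points to a startsrc request rather than a direct exec of the binary.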
Quote:
Code:
# ls -l /usr/sbin/snmpd*
lrwxrwxrwx 1 root system 9 Oct 18 18:59 /usr/sbin/snmpd -> snmpdv3ne
-rwxr-x--- 1 root system 363992 Oct 2 21:51 /usr/sbin/snmpd64v1
-rwxr-x--- 1 root system 335192 Oct 2 21:52 /usr/sbin/snmpdv1
-rwxr-x--- 1 root system 336148 Nov 16 2011 /usr/sbin/snmpdv3ne
Better would be to customize aixpert to use fpm to do that for you.
I've done this, snmp won't start now and so far anything is broken
Quote:
Originally Posted by MichaelFelt
As you have spoken about RBAC check that no one has authorization to start it anyway.