cvs commit: src/etc snmpd.config
Ceri Davies
ceri at submonkey.net
Sat Nov 4 12:46:21 UTC 2006
On Tue, Oct 31, 2006 at 12:28:24PM +0100, Harti Brandt wrote:
> On Tue, 31 Oct 2006, Bjoern A. Zeeb wrote:
>
> BAZ>On Tue, 31 Oct 2006, Hartmut Brandt wrote:
> BAZ>
> BAZ>> harti 2006-10-31 10:23:28 UTC
> BAZ>>
> BAZ>> FreeBSD src repository
> BAZ>>
> BAZ>> Modified files:
> BAZ>> etc snmpd.config
> BAZ>> Log:
> BAZ>> Bind to INADDR_ANY in the default configuration. This makes bsnmpd(1)
> BAZ>> automatically work on multi-homed hosts and without explicite
> BAZ>> specification
> BAZ>> of the hostname in the config file.
> BAZ>>
> BAZ>> Submitted by: jmg
> BAZ>>
> BAZ>> Revision Changes Path
> BAZ>> 1.7 +1 -3 src/etc/snmpd.config
> BAZ>
> BAZ>haeh - I think what we (jmg, glebius and me) had agreed on on IRC was
> BAZ>default bind should be on 'localhost' with a commented out sample
> BAZ>for 0/0. And the bogus$(host) should be dropped.
>
> Well, if you've agreed, then you should probably commit it. Locks ok for
> me too.
>
> BAZ>Binding to 0/0 by default just exposes bsnmpd to the world with a
> BAZ>default secret if blindly enabled which is not a too good idea(tm).
>
> Well, at least there is no write community set, so the amount of damage is
> limited. Also, normally SNMPv[12] should be firewalled. Of course, this
> does not help if you run SNMP on your firewall.
>
> In any case, go ahead and commit.
Did you two decide to leave this be, or is the change still pending on
something?
Ceri
--
That must be wonderful! I don't understand it at all.
-- Moliere
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 187 bytes
Desc: not available
Url : http://lists.freebsd.org/pipermail/cvs-src/attachments/20061104/641b49e4/attachment.pgp
More information about the cvs-src
mailing list