rieve sensitive information contained in the MIB. You can protect yourself again
st any of these attacks. The following is a list of possible attacks and how you
can protect yourself (from highest to lowest risk):
Brute force of community names : Replace the default password (often ""public"
" or ""private"") with a secure one. The password should be hard to guess, and s
hould not be derived from the hostname of the machine or from its model name (e.
g., ""sun"" or ""ibm"").
Eavesdropping of community names : SNMP Version 3 agents, as well as some of t
he SNMP Version 2 agents (not those named SNMPv2c for ""community based SNMP ver
sion 2"") include authentication using hashing functions, such as MD5.
Eavesdropping of information retrieved by authorized users : Use the privacy f
unction, such as DES-encryption, of the protocols described above.
Replay of legitimate SNMP message by unauthorized users : The protocols descri
bed above provide a simple replay protection using a timestamp and a message seq
uence number.
"
stopsrc -s snmpd
stopsrc -s dpid2
stopsrc -s aixmibd
stopsrc -s hostmibd
stopsrc -s snmpmibd