Ausmus, Matt wrote:
First off , I'm posting this question here because it appears the SNMP mailing list is now defunct. If this is the wrong list to post this please let me know and I'll repost it in the correct one.
First I'm running squid with snmp enabled on Centos 4.7. the version of squid is the most recent offered for 4.7: squid-2.5.STABLE14-4.el4. this is my entire snmp configuration (with names and variables changed to protect the innocent ;-))
acl chapmansnmp snmp_community publ!c
snmp_port 3401
snmp_access deny chapmansnmp !chapman1
So what does the chapman1 acl look like?
You have an snmp_access deny line, but no allow line? I've always seen
explicit snmp_access allow followed by "snmp_access deny all". Is
there a reason you are taking a different route?
We are using Rapid7's NeXpose software for vulnerability testing. What was discovered is that an snmpwalk done with anything used as the snmp community string and squid responds back. I've also seen the same results from a Nessus scan (I believe Rapid7 software is based on Nessus but thought I'd try it anyway. I've also seen similar results posted on the Internet). I've tried modifying my community string to see if the special characters are causing the issue but that didn't fix it. Here is an example of an snmpwalk done on one of our proxy servers:
(Note that the community string given is public. That was not a valid community string on the box. I tried all kinds of things and everything worked.
C:\Documents and Settings\mferguson>snmpwalk -c public -v 2c 10.160.57.34:3401 .1.3
SNMP walk results omitted.
Any idea of a work around or a fix? Is this something that has been fixed in a later version or is it scheduled to be fixed?
Thanks for your time.
____________________________
Matt Ausmus
Network Administrator
Chapman University
635 West Palm Street
Orange, CA 92868
(714)628-2738
mausmus@xxxxxxxxxxx
"Man will occasionally stumble over the truth, but most of the time he will pick himself up and continue on."
- Churchill's Commentary on Man