2017-03-17

Changing 'public' community string for SNMP in AIX

Needed to work on the message/output requested by one of our customer's security analyst.

Please change the default credentials. Plugin Name: BMC SNMP Agent Default Community Name (public) . Following is the description on what was detected : Plugin Output:
Requesting the OID 1.3 returned :
  OID   : 1.3.6.1.2.1.1.1.0
  Value : PEER Networks, a division of BMC Software, Inc., PATROL(R) SNMP Toolkit, OptiMaster Release 1.9.1 on AIX

So from "public" string I changed it to something else, "beowulf" using Perl.

AIX gelato 1 7 00B711FC4C10
$ sudo perl -p -i.bak -e 's/public/beowulf/g' /etc/snmpd.conf
$ ls -l /etc/snmpd.*
-rw-r--r--    1 root     system           37 Dec 22 2011  /etc/snmpd.boots
-rw-r-----    1 root     system        10139 Mar 17 12:04 /etc/snmpd.conf
-rw-r-----    1 root     system        10135 Feb 27 04:01 /etc/snmpd.conf.bak
-rw-r-----    1 root     system         2603 Feb 27 04:01 /etc/snmpd.peers
$ sudo stopsrc -s snmpd
0513-004 The Subsystem or Group, snmpd, is currently inoperative.

But it seems SNMP service isn't running so I just left it as it is.  Now I also need to check for other hosts as well.

mmond@nx03|826:~/ $ for i in $(cat dwc_detected.txt)
> do
> ssh -q $i -t "hostname;
> done
dappl01.nn.dk
Subsystem         Group            PID          Status
 snmpd            tcpip                         inoperative
dengn01.nn.dk
Subsystem         Group            PID          Status
 snmpd            tcpip                         inoperative
duengn01.nn.dk
Subsystem         Group            PID          Status
 snmpd            tcpip                         inoperative

No comments:

Post a Comment