Thanks to Richard Smith and John Gronveld.
[Richard]
Sun offers a download of SEA 1.0.3 as a replacement (Solaris 2.6 comes with
1.0.1). The
security
problem has mostly to do with the community string that is used to
authenticate the snmp
client. By
default it is set to "public" which everyone knows. You must change the
community strings
in the
/etc/snmp/conf/snmpd.conf file to any string that is not easily guessed.
SEA 1.0.3 also fixes a bunch of bugs, however, Sun recommends three
additional patches for
Solaris
2.6 on top of that. So visit www.sun.com and search on snmp or SEA 1.0.3.
[John]
I recall that the latest SEA version for 2.6 must be downloaded as a
package and you won't find patches. Search Sun.com.
Many people don't trust Sun's agents and either pkgrm them or use
the alternatives.
Besides, I also found a list of the bugs of SEA 1.0 at the following site,
http://www.sun.com/software/entagents/docs/releasehtml/release_notes.doc.htm
l
Hao
-----Original Message-----
Hi, all,
I have a Sun Enterprise 3500 server running Solaris 2.6. The SNMP agent
installed on that server is Solstice Enterprise Agent 1.0, which I think
comes with Solaris 2.6. It was said that there are some security issues with
Solstice Enterprise Agent. I am wondering if anyone is aware of this and if
there is any patch that can fix this bug? I couldn't find much information
on SNMP agent from the archive. TIA, and I will summarize.
Hao
This archive was generated by hypermail 2.1.2 : Fri Sep 28 2001 - 23:14:03 CDT