Per my previous posting about the HP
Print Servers and SNMP access, see
http://www.pandi.hp.com/pandi/pdf/port_tech.pdf
Les
>From: "Les Dickert" <lesdickert@HOTMAIL.COM>
>Reply-To: IBM NetView Discussion <nv-l@tkg.com>
>To: nv-l@tkg.com
>Subject: RE: [NV-L] How to determine source of IBM Authentication Failure
>Traps in Netview for Solaris Platform ?
>Date: Tue, 27 Feb 2001 15:16:33
>
>One thing you may want to look for is
>an HP Jet Direct print spooler, probably
>running on an NT server. This spooler
>likes to issue SNMP queries to everything
>on it's IP subnet to find HP printers, and
>will bang away at routers, switches, other
>workstations, everything. I think there is
>a configuration setting to tell it to quit
>doing that, but out of the box it does it.
>
>We have to go chasing after these things all
>the time.
>
>Les
>
>
>
>
>>From: "Beeler, George" <GBeeler@us.britannica.com>
>>Reply-To: IBM NetView Discussion <nv-l@tkg.com>
>>To: "'IBM NetView Discussion'" <nv-l@tkg.com>
>>Subject: RE: [NV-L] How to determine source of IBM Authentication Failure
>>Traps in Netview for Solaris Platform ?
>>Date: Tue, 27 Feb 2001 08:54:21 -0600
>>
>>Jim,
>>
>>Thanks for your reply. We'll give it a try.
>>
>>Regards,
>>
>>George
>>
>>-----Original Message-----
>>From: Jim Kellock [mailto:jkellock@nc.rr.com]
>>Sent: Tuesday, February 27, 2001 5:58 AM
>>To: IBM NetView Discussion
>>Subject: Re: [NV-L] How to determine source of IBM Authentication
>>Failure Traps in Netview for Solaris Platform ?
>>
>>
>>NetView only knows what the agent on the machine getting the SNMP poll
>>will tell him. You have to deal with the source device for the trap
>>you're getting.
>>
>>Two ways you can do this:
>>1. You can set the logging level up for SNMPD on the machine that's
>>getting polled with an incorrect community name (if it's a workstation).
>>Then, as long as that agent is able to determine and capture the info,
>>he'll log the poller info for you, and may or may not include this info
>>in his trap to NetView- depends on the agent.
>>
>>2. Put a sniffer on it.
>>
>>Agents on some routers, switches, etc., don't have the ability to
>>capture the source address of the poll, even though they recognize the
>>intrusion and will send the authentication trap.
>>
>> > "Beeler, George" wrote:
>> >
>> > All,
>> >
>> > I have searched through the archives on trying to determine the source
>> > of IBM Authentication Failure traps in Netview, but we are running it
>> > on a Solaris platform. Does anyone have any steps that we could try
>> > and troubleshoot this problem? Mainly, we would like to turn on
>> > 'tracing' and view the results to be able to track down which end host
>> > is the culprit.
>> >
>> > Thank-you in advance,
>> >
>> > George
>>_________________________________________________________________________
>>NV-L List information and Archives: http://www.tkg.com/nv-l
>
>_________________________________________________________________
>Get your FREE download of MSN Explorer at http://explorer.msn.com
>
>_________________________________________________________________________
>NV-L List information and Archives: http://www.tkg.com/nv-l
_________________________________________________________________
|