Re: [nv-l] snmpd.conf setting to restrict Authentication Failure Traps

To: nv-l@lists.us.ibm.com
Subject: Re: [nv-l] snmpd.conf setting to restrict Authentication Failure Traps
From: lesdickert@att.net
Date: Tue, 13 Apr 2004 20:23:06 +0000
Delivery-date: Tue, 13 Apr 2004 21:32:19 +0100
Envelope-to: nv-l-archive@lists.skills-1st.co.uk
Reply-to: nv-l@lists.us.ibm.com
Sender: owner-nv-l@lists.us.ibm.com
Here is what I think you need to do to keep
an AIX server from sending authentication failure
traps:

Look in /etc/snmpd.conf for a line that has:

trap  public   <your netview server name>  1.2.3   fe   

What you are looking for is a 'trap' line that has the
name of your NetView server on it.  The last parameter
('fe' in this example) determines what traps snmpd will
send to that server.  See below for how to encode/decode
this hex value.  You want to set the high order bit of the
low order nibble to '0' (authentication failure traps).  
The only values the second hex character can have that would
cause sending authentication failure traps are a, c, and e.
So change this value as follows:

   a -> 2
   c -> 4
   e -> 6

and that should do it.  You will need to stop and start the snmpd
daemon, or better still, reboot the sending server.

Here are the gory details from the snmpd.conf file about this
setting.

Les Dickert
Anthem BC/BS
Richmond, VA

############################################################################
# 4. If your site has a management station that listens for traps, fill-in
#    the information for the trap destination as follows:
#
#       trap  <community>  <a.b.c.d>   <view name>  <trap mask>
#
#    where <community> is the community name that will be encoded in the
#    trap packet and <a.b.c.d> is the hostname or IP address in dotted
#    notation of the host where a trap monitor is listening on UDP port 162.
#    The <view name> is a unique object identifier in dotted notation. View
#    name is not implemented for traps.  The snmpd agent only checks
#    the view name format and duplication.  The trap mask is in hexidecimal
#    format.  The bits from left to right stand for coldStart trap, warmStart
#    trap, linkDown trap, linkUp trap, authenticationFailure trap,
#    egpNeighborLoss trap, and enterpriseSpecific trap.  The right most bit
#    does not have any meaning.  The value "1" will enable the corresponding
#    trap to be sent. Otherwise, the trap is blocked.
#       ex.     fe      block no traps (1111 1110)
#               7e      block coldStart trap (0111 1110)
#               be      block warmStart trap (1011 1110)
#               3e      block coldStart trap and warmStart trap (0011 1110)
#
#################################################################################
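
The mask edit described in the message above, as an added example that is not part of the original post or of AIX itself: it decodes a trap mask using the bit order from the quoted snmpd.conf comment and clears the authenticationFailure bit on every `trap` line. The sample file contents, host names and function names are constructed for illustration, and a two-digit hex mask is assumed.

```python
import re

# Bit order taken from the snmpd.conf comment quoted above (leftmost bit first).
# The rightmost bit (0x01) has no meaning.
TRAP_BITS = [
    ("coldStart", 0x80), ("warmStart", 0x40), ("linkDown", 0x20),
    ("linkUp", 0x10), ("authenticationFailure", 0x08),
    ("egpNeighborLoss", 0x04), ("enterpriseSpecific", 0x02),
]
AUTH_FAILURE_BIT = 0x08

# trap <community> <host> <view name> <trap mask>; commented lines do not match.
TRAP_LINE = re.compile(r"^(\s*trap\s+\S+\s+\S+\s+\S+\s+)([0-9A-Fa-f]{2})(\s*)$")

def decode_mask(mask_hex):
    """Return the names of the traps that a hex trap mask enables."""
    value = int(mask_hex, 16)
    return [name for name, bit in TRAP_BITS if value & bit]

def block_auth_failure(mask_hex):
    """Clear only the authenticationFailure bit; all other bits are kept."""
    return format(int(mask_hex, 16) & ~AUTH_FAILURE_BIT & 0xFF, "02x")

def rewrite_conf(text):
    """Return snmpd.conf text with authenticationFailure blocked on trap lines."""
    out = []
    for line in text.splitlines():
        m = TRAP_LINE.match(line)
        if m:
            line = m.group(1) + block_auth_failure(m.group(2)) + m.group(3)
        out.append(line)
    return "\n".join(out) + "\n"

# Constructed sample input; host names and addresses are placeholders.
SAMPLE = """\
#       trap  <community>  <a.b.c.d>   <view name>  <trap mask>
community public
trap  public   netview.example.com  1.2.3   fe
trap  public   192.0.2.10  1.2.4   7a
"""

if __name__ == "__main__":
    for mask in ("fe", block_auth_failure("fe")):
        print(mask, "->", ", ".join(decode_mask(mask)))
    print(rewrite_conf(SAMPLE), end="")
```
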
 




--- Begin Message ---
To: nv-l@lists.us.ibm.com
Subject: Re: [nv-l] snmpd.conf setting to restrict Authentication Failure Traps
From: Michael Webb <mlwebb@us.ibm.com>
Date: Tue, 13 Apr 2004 19:34:49 +0000

--- End Message ---