by Manixchil » Fri, 27 Apr 2001 13:11:40
-----= Posted via Newsfeeds.Com, Uncensored Usenet News =-----
http://www.newsfeeds.com - The #1 Newsgroup Service in the World!
-----== Over 80,000 Newsgroups - 16 Different Servers! =-----
by Dean Thompso » Fri, 27 Apr 2001 13:22:24
Hi!,
You shouldn't be too alarmed. The chances are that your Windows machinesQuote:> I have installed Portsentry and I am seeing Windows 9x/2000/NT machines
> attempting to connect to port 161. What is it used for and should I be
> alarmed?
See ya
Dean Thompson
--
+____________________________+____________________________________________+
| Bach. Computing (Hons) | ICQ - 45191180 |
| PhD Student | Office - <Off-Campus> |
| School Comp.Sci & Soft.Eng | Phone - +61 3 9903 2787 (Gen. Office) |
| MONASH (Caulfield Campus) | Fax - +61 3 9903 1077 |
| Melbourne, Australia | |
+----------------------------+--------------------------------------------+
1. SNMP daemon not active on port 161 (or anywhere); daemon loaded.
I'm running RedHat 5.0+ (Updates to 5.0, but not a 5.1 fileset) and
I've loaded cmu-snmp. I've edited /etc/snmpd.conf, though it's supposed
to work without changes, and I'm not getting any responses (even error
messages) from port localhost:161.
Some issues:
1. I'm using strobe to check ALL ports that might be listening.
This works for lpr, www, and all the better known protocols, but
wouldn't it show up if snmpd was set up properly? (Otherwise I can't
really check it's operation.)
2. Is there any authentication that I might be overlooking, simply
to look at the public MIBs? I know there's authentication for writing
(anywhere) and reading private ones.
All I want is enough of SNMP to work so that I can build my
understanding of it. I've tried scotty; it worked even less than CMU.
I spent two hours last night trying to get their browser (tkined) as a
seperate package to no avail. At least with CMU I have parts the
ostensibly work without my learning SNMP AND Tcl/TK all at the same
time.
I just don't have enough 'parts' that work enough to tell if I can
even use the final result. Usually this would be because I lacked a
certain library file that the tarball needs...but I'm installing by RPMs
here, RPMs that SHOULD have been packed by someone who knows when the an
implementation of SNMP is working. (He'd know better than I).
One more thing...did someone forget the first word of the SNMP
acronym? Simple? There are tons of subsets for this technology. There
are agents that can only send a value (and only one) after receiving a
single request....and there are superior agents that will answer
anyone's request no matter how many times it's asked. (Asynchronous
traps.) The funny thing is, CMU uses synchronous traps, and IT'S
declared the standard.
At what point does the 'simple' kick in?
Brian
---------------------------------------------------------------------------
Brian Fahrlander Problem Solver, Technomad, and
Linux-head
Evansville, IN
ICQ:5119262
http://www.kamakiriad.com
---------------------------------------------------------------------------
Whitewater isn't over until the First Lady sings.
4. /etc/passwd root entry bad shell any recovery ?
8. Recieve errors with Taylor UUCP under Solaris 2.1
9. Port 161 SNMP (Simple Network Management Protocol)
10. getting bash to run on netbsd 161/sparc
11. test 161
13. Probe to 161