nv-l
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

Re: [nv-l] snmpd.conf setting to restrict Authentication Failure Traps

2004-04-13 16:32:19
Subject: Re: [nv-l] snmpd.conf setting to restrict Authentication Failure Traps
From: lesdickert AT att DOT net
To: nv-l AT lists.us.ibm DOT com
Date: Tue, 13 Apr 2004 20:23:06 +0000 
Here is what I think you need to do to keep
an AIX server from sending authentication failure
traps:

Look in /etc/snmpd.conf for a line that has:

trap  public   <your netview server name>  1.2.3   fe   

What you are looking for is a 'trap' line that has the
name of your NetView server on it.  The last parameter
('fe' in this example) determines what traps snmpd will
send to that server.  See below for how to encode/decode
this hex value.  You want to set the high order bit of the
low order nibble to '0' (authentication failure traps).  
The only values the second hex character can have that would
cause sending authentication failure traps are a, c, and e.
So change this value as follows:

   a -> 2
   c -> 4
   e -> 6

and that should do it.  Will need to stop and start the snmpd
daemon, or better still, reboot the sending server.

Here are the gory details from the snmpd.conf file about this
setting.

Les Dickert
Anthem BC/BS
Richmond, VA

############################################################################
# 4. If your site has a management station that listens for traps, fill-in
#    the information for the trap destination as follows:
#
#       trap  <community>  <a.b.c.d>   <view name>  <trap mask>
#
#    where <community> is the community name that will be encoded in the
#    trap packet and <a.b.c.d> is the hostname or IP address in dotted
#    notation of the host where a trap monitor is listening on UDP port 162.
#    The <view name> is a unique object identifier in dotted notation. View
#    name is not implemented for traps.  The snmpd agent only checks
#    the view name format and duplication.  The trap mask is in hexidecimal
#    format.  The bits from left to right stand for coldStart trap, warmStart
#    trap, linkDown trap, linkUp trap, authenticationFailure trap,
#    egpNeighborLoss trap, and enterpriseSpecific trap.  The right most bit
#    does not have any meaning.  The value "1" will enable the corresponding
#    trap to be sent. Otherwise, the trap is blocked.
#       ex.     fe      block no traps (1111 1110)
#               7e      block coldStart trap (0111 1110)
#               be      block warmStart trap (1011 1110)
#               3e      block coldStart trap and warmStart trap (0011 1110)
#
#################################################################################
--- Begin Message ---
Subject: Re: [nv-l] snmpd.conf setting to restrict Authentication Failure Traps
From: Michael Webb <mlwebb AT us.ibm DOT com>
To: nv-l AT lists.us.ibm DOT com
Date: Tue, 13 Apr 2004 19:34:49 +0000

GIF image


--- End Message ---
[More with this subject...]
<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  RE: [nv-l] snmpd.conf setting to restrict Authentication Failure Traps, Bursik, Scott {PBSG}
Next by Date:  Re: [nv-l] locations, Leslie Clark
Previous by Thread:  Re: [nv-l] snmpd.conf setting to restrict Authentication Failure Traps, Michael Webb
Next by Thread:  Re: [nv-l] snmpd.conf setting to restrict Authentication Failure Traps, Oliver Bruchhaeuser
Indexes:  [Date] [Thread] [Top] [All Lists]