Announce: MailScanner-MRTG version 0.07 released

[Kevin Spicer]

On Wed, 2004-01-28 at 22:28, David Hooton wrote:
> Kevin,
>
> Even though this does work and is a read only , it doesn't provide any
> access control, which could leave users vulnerable to any possible exploits
> which may arise in net-snmp.  Perhaps adding an acl to only allow access to
> 127.0.0.1 would be smart?
>
Funnily enough I just wrote that in the doc I'm producing!  Heres my
current working minimal config...

# START snmpd.conf
# This line makes the snmp daemon listen only on the loopback interface
# If you want to run on an alternative port change the 161 part
# (Don't forget to update the mailscanner-mrtg.conf file with the new
# port
agentaddress localhost:161
# Use this version instead for ucd-snmp
#agentaddress 161 at localhost

# This line sets up a single community string (with read-only access)
# With access only permitted from localhost
# If you have users logging into your machine and want to make sure they
# can't easily get info from snmp change 'public' to something else
# (Don't forget to update the community string in mailscanner-mrtg.conf)
rocommunity  public localhost

# System Information, change this if you want
syslocation Unknown
syscontact Root <root at localhost>
# FINISH snmpd.conf


Of course I would always recommend firewalling all unnecessary ports
using iptables or similar.




BMRB International
http://www.bmrb.co.uk
+44 (0)20 8566 5000
_________________________________________________________________
This message (and any attachment) is intended only for the
recipient and may contain confidential and/or privileged
material.  If you have received this in error, please contact the
sender and delete this message immediately.  Disclosure, copying
or other action taken in respect of this email or in
reliance on it is prohibited.  BMRB International Limited
accepts no liability in relation to any personal emails, or
content of any email which does not directly relate to our
business.