
05.19.2008 at 07:38AM PDT, ID: 23413858

CA Unicentre snmpwalk (via UDP port 161) timed out on hardened Solaris

Asked by sunhux in Sun Solaris, Red Hat Linux

Tags: Sun CA, Solaris Unicentre snmpwalk, CA Unicentre snmpwalk timed out on hardened Solaris

Hi,

Our CA Unicentre support showed me that when he issued "snmpwalk" to port 161 on
our hardened Solaris 10 server sun11, it timed out, while to a non-hardened Solaris 9
server (sun12) it works (returns an "End of MIB View" message).

I've checked both the sun11 (hardened) & sun12 (non-hardened) servers using
"netstat -an" & in both cases Port Udp

C:\Documents and Settings\easeadmin>snmpwalk -p 161 sun12 -c e2rsme 1.3.6.1.4.1
End of MIB View.

C:\Documents and Settings\easeadmin>snmpwalk -p 161 sun11 -c e2rsme 1.3.6.1.4.1
Timed out



The following is a script which I've run on the sun11 server to harden it.
Kindly help point out which service is required by CA Unicentre's snmpwalk.
I could have tried to isolate it but it's going to be a long venture, so asking is faster:

set -x
# Item 1.1, enable sshd :)
svcadm enable svc:/network/ssh:default
# Item 1.2, rpcbind
svcadm disable svc:/network/rpc/bind:default
# Item 1.3, secure RPC
svcadm disable svc:/network/rpc/keyserv:default
# Item 1.4, NIS server
svcadm disable svc:/network/nis/server:default
svcadm disable svc:/network/nis/passwd:default
svcadm disable svc:/network/nis/update:default
svcadm disable svc:/network/nis/xfr:default
# Item 1.5, NIS client
svcadm disable svc:/network/nis/client:default
# Item 1.6, NIS+
svcadm disable svc:/network/rpc/nisplus:default
# Item 1.7, LDAP cache mgr
svcadm disable svc:/network/ldap/client:default
# Item 1.8, Kerberos server
svcadm disable svc:/network/security/kadmin:default
svcadm disable svc:/network/security/krb5kdc:default
svcadm disable svc:/network/security/krb5_prop:default
# Item 1.9, Kerberos client
svcadm disable svc:/network/security/ktkt_warn:default
# Item 1.10, GSS
svcadm disable svc:/network/rpc/gss:default
# Item 1.11, GUI
### mv /etc/rc2.d/S99dtlogin /etc/rc2.d/.NOS99dtlogin 2>> /tmp/Cis1.o
### svcadm disable svc:/network/rpc-100083_1/rpc_tcp:default
# Item 1.12, Solaris Management Console
### mv /etc/rc2.d/S90wbem /etc/rc2.d/.NOS90wbem 2>> /tmp/Cis1.o
### mv /etc/rc2.d/S90webconsole /etc/rc2.d/.NOS90webconsole 2>> /tmp/Cis1.o
# Item 1.13, volume manager
### svcadm disable svc:/network/rpc/smserver:default
### mv /etc/rc3.d/S81volmgt /etc/rc3.d/.NOS81volmgt 2>> /tmp/Cis1.o
# Item 1.14, SAMBA
mv /etc/rc3.d/S90samba /etc/rc3.d/.NOS90samba 2>> /tmp/Cis1.o
# Item 1.15, NFS server
svcadm disable svc:/network/nfs/server:default
svcadm disable svc:/network/nfs/cbd:default
svcadm disable svc:/network/nfs/mapid:default
# Item 1.16, rquota
svcadm disable svc:/network/nfs/rquota:default
# Item 1.17, NFS client
svcadm disable svc:/network/nfs/client:default
# Both NFS servers and clients need these (see 2.16 and 2.18 above)
svcadm disable svc:/network/nfs/status:default
svcadm disable svc:/network/nfs/nlockmgr:default
# Item 1.18, auto mounter
svcadm disable svc:/system/filesystem/autofs:default
# Item 1.19, telnet server
svcadm disable svc:/network/telnet:default
# Item 1.20, FTP server
svcadm disable svc:/network/ftp:default
# Item 1.21, rlogin/rsh servers
svcadm disable svc:/network/login:rlogin
svcadm disable svc:/network/shell:default
# Item 1.22, boot services
svcadm disable svc:/network/rpc/bootparams:default
svcadm disable svc:/network/rarp:default
# Item 1.23, DHCP server
svcadm disable svc:/network/dhcp-server:default
# Item 1.24, DNS server
svcadm disable svc:/network/dns/server:default
# Set up TFTP server entry if necessary
if [ ! "`inetadm | grep tftp`" ]; then
cd /var/svc/profile
# Write a one-line inetd entry, convert it to an SMF manifest, then rename the service
echo 'tftp dgram udp6 wait root /usr/sbin/in.tftpd in.tftpd /tftpboot' > inetd-tftpd.tmp
inetconv -n -i ./inetd-tftpd.tmp -o /var/svc/profile
sed 's#tftp/udp6#tftp#' tftp-udp6.xml > tftp.xml
svccfg import tftp.xml
rm -f inetd-tftpd.tmp tftp-udp6.xml tftp.xml
fi
# Item 1.25, TFTP server
svcadm disable svc:/network/tftp:default
# Item 1.26, print servers
# Use -s for print/cleanup because it has already been started
# before upgrade script is read
svcadm disable -s svc:/application/print/cleanup:default
svcadm disable svc:/application/print/server:default
svcadm disable svc:/application/print/rfc1179:default
# Item 1.27, Web servers
# Apache 2.x (the first line below) is preferred. If you would
# rather run Apache 1.3.x, then disable the Apache 2.x service and
# move the /etc/rc3.d/S50apache script back into place.
#
svcadm disable svc:/network/http:apache2
mv /etc/rc3.d/S50apache /etc/rc3.d/.NOS50apache 2>> /dev/null
mv /etc/rc2.d/S42ncakmod /etc/rc2.d/.NOS42ncakmod 2>> /dev/null
mv /etc/rc2.d/S94ncalogd /etc/rc2.d/.NOS94ncalogd 2>> /dev/null
# Item 1.28, SNMP server (initsma is net-snmp)
mv /etc/rc3.d/S82initsma /etc/rc3.d/.NOS82initsma 2>> /dev/null
# Item 1.29, Solaris Volume Manager (software RAID) services
### svcadm disable svc:/system/metainit:default
### svcadm disable svc:/platform/sun4u/mpxio-upgrade:default
### svcadm disable svc:/system/mdmonitor:default
# Item 1.30, Solaris Volume Manager GUI services
### svcadm disable svc:/network/rpc/mdcomm:default
### svcadm disable svc:/network/rpc/meta:default
### svcadm disable svc:/network/rpc/metamed:default
### svcadm disable svc:/network/rpc/metamh:default
# Item 1.31, inetd
if [ "`inetadm | grep '^enable'`" ]; then
svcadm enable svc:/network/inetd:default
else
svcadm disable svc:/network/inetd:default
fi
# Item 1.32, sendmail
svcadm disable svc:/network/smtp:sendmail
# Item 1.33, all the other crap
svcadm disable svc:/network/chargen:dgram
svcadm disable svc:/network/chargen:stream
svcadm disable svc:/network/daytime:dgram
svcadm disable svc:/network/daytime:stream
svcadm disable svc:/network/discard:dgram
svcadm disable svc:/network/discard:stream
svcadm disable svc:/network/echo:dgram
svcadm disable svc:/network/echo:stream
svcadm disable svc:/network/time:dgram
svcadm disable svc:/network/time:stream
svcadm disable svc:/network/rpc/rex:default
svcadm disable svc:/network/rexec:default
svcadm disable svc:/network/uucp:default
svcadm disable svc:/network/comsat:default
svcadm disable svc:/network/rpc/spray:default
svcadm disable svc:/network/rpc/wall:default
svcadm disable svc:/network/tname:default
svcadm disable svc:/network/talk:default
svcadm disable svc:/network/finger:default
svcadm disable svc:/network/rpc/rstat:default
svcadm disable svc:/network/rpc/rusers:default
svcadm disable svc:/network/rpc/ocfserv:default
svcadm disable svc:/network/login:eklogin
svcadm disable svc:/network/login:klogin
svcadm disable svc:/network/shell:kshell
# Use -s for system/power because it has already been started
# before upgrade script is read
svcadm disable -s svc:/system/power:default
svcadm disable svc:/network/slp:default
svcadm disable svc:/application/management/webmin:default
svcadm disable svc:/system/consadm:default
svcadm disable svc:/application/gdm2-login:default
svcadm disable svc:/application/print/ipp-listener:default
# Use -s for system/name-service-cache because it has already
# been started before upgrade script is read
svcadm disable -s svc:/system/name-service-cache:default
svcadm disable svc:/network/apocd/udp:default
### svcadm disable svc:/application/x11/xfs:default
### svcadm disable svc:/application/font/stfsloader:default
### svcadm disable svc:/network/rpc-100068_2-5/rpc_udp:default
### svcadm disable svc:/network/rpc-100235_1/rpc_ticotsord:default
# Item 1.33, move the remaining (legacy) rc2.d stuff
mv /etc/rc2.d/S40llc2 /etc/rc2.d/.NOS40llc2 2>> /dev/null
mv /etc/rc2.d/S47pppd /etc/rc2.d/.NOS47pppd 2>> /dev/null
mv /etc/rc2.d/S70uucp /etc/rc2.d/.NOS70uucp 2>> /dev/null
mv /etc/rc2.d/S72autoinstall /etc/rc2.d/.NOS72autoinstall 2> /dev/null
mv /etc/rc2.d/S73cachefs.daemon /etc/rc2.d/.NOS73cachefs.daemon 2>> /dev/null
mv /etc/rc2.d/S89bdconfig /etc/rc2.d/.NOS89bdconfig 2>> /dev/null
mv /etc/rc2.d/S89PRESERVE /etc/rc2.d/.NOS89PRESERVE 2>> /dev/null
mv /etc/rc3.d/S16boot.server /etc/rc3.d/.NOS16boot.server 2>> /dev/null
mv /etc/rc3.d/S52imq /etc/rc3.d/.NOS52imq 2>> /dev/null
mv /etc/rc3.d/S84appserv /etc/rc3.d/.NOS84appserv 2>> /dev/null
mv /etc/rc3.d/S75seaport /etc/rc3.d/.NOS75seaport 2>> /dev/null
mv /etc/rc3.d/S76snmpdx /etc/rc3.d/.NOS76snmpdx 2>> /dev/null
mv /etc/rc3.d/S77dmi /etc/rc3.d/.NOS77dmi 2>> /dev/null
mv /etc/rc3.d/S80mipagent /etc/rc3.d/.NOS80mipagent 2>> /dev/null
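
An added example, not part of the original post: a small audit helper that reads a hardening script like the one above and lists the active steps that switch off an SNMP agent, grouped by their "# Item" label. The match pattern and the function names are assumptions of this example; the sample input is an excerpt of the posted script plus one constructed commented-out line.

```sh
#!/bin/sh
# Added example: find hardening steps that disable an SNMP agent.

# Assumption: a step is SNMP-related if the command mentions "snmp" or
# "initsma" (the posted script itself labels initsma as net-snmp).
SNMP_PATTERN='snmp|initsma'

# find_snmp_steps: reads a hardening script on stdin and prints
# "Item <n>: <command>" for each active svcadm-disable or mv line that
# matches SNMP_PATTERN. Lines starting with '#' (including the
# '###'-disabled steps) are ignored.
find_snmp_steps() {
    awk -v pat="$SNMP_PATTERN" '
        /^# Item / {                 # remember the current item number
            item = $3
            sub(/,$/, "", item)
            next
        }
        /^[ \t]*#/ { next }          # comments and commented-out steps
        /^[ \t]*(svcadm[ \t]+disable|mv)[ \t]/ {
            if (tolower($0) ~ pat) print "Item " item ": " $0
        }
    '
}

# Sample input: lines taken from the posted script, plus one constructed
# commented-out step to show that inactive lines are not reported.
sample_script() {
    cat <<'EOF'
# Item 1.27, Web servers
svcadm disable svc:/network/http:apache2
# Item 1.28, SNMP server (initsma is net-snmp)
mv /etc/rc3.d/S82initsma /etc/rc3.d/.NOS82initsma 2>> /dev/null
# Item 1.29, Solaris Volume Manager (software RAID) services
### svcadm disable svc:/system/metainit:default
### mv /etc/rc3.d/S76snmpdx /etc/rc3.d/.NOS76snmpdx  (constructed, inactive)
# Item 1.33, move the remaining (legacy) rc2.d stuff
mv /etc/rc3.d/S75seaport /etc/rc3.d/.NOS75seaport 2>> /dev/null
mv /etc/rc3.d/S76snmpdx /etc/rc3.d/.NOS76snmpdx 2>> /dev/null
EOF
}

sample_script | find_snmp_steps
```

Against a real file, run it as `find_snmp_steps < harden.sh`; each reported step is one to review if the host is expected to answer SNMP polls on UDP 161.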
About this solution

Zones: Sun Solaris, Red Hat Linux
Solution Provided By: blu
Participating Experts: 2
Solution Grade: B
 
 