Solved

Difference between public and private strings

Posted on 2004-09-07
2
2,775 Views
Last Modified: 2012-06-27
I am implementing SNMP on our Servers and Switches, I am new to this but learning a great deal from this wonderful site.
I have read and been told to change the public and private strings (which are like passwords.)

Can someone please explain in laymans terms what exactly public and private strings, and how they would likly be used?

I am a bit rushed to get this projesct started, so I need a quick heads up and basic understanding.

Thanks in advance... Michael.
0
Comment
Question by:Linux_Hawk
2 Comments
 
LVL 7

Accepted Solution

by:
pedrow earned 500 total points
ID: 12003791
snmp uses 'community strings' the same way one would use a password.

public is the default community string for RO (read only), which is used for things like monitoring, reading MIB values etc...

private is the default community string for RW (read-write), which would be used to do things like push config changes.

These strings can (and most definitely should) be changegd so that the snmp management stations and the network devices use something that no one knnows about. Further, it's also best practice to restrict the source addresses from where you can make these sorts of transactions.

for instance, on a cisco router you might want something like this:

snmp-server community ThePasswordIsSecret RO 10

access-list 10 permit 192.168.33.128 0.0.0.15

This way only machines addressed within this range that know the community string can grab information about your gear.

Does this help?
0
 

Author Comment

by:Linux_Hawk
ID: 12006614
This does help a great deal
0

Featured Post

PRTG Network Monitor: Intuitive Network Monitoring

Network Monitoring is essential to ensure that computer systems and network devices are running. Use PRTG to monitor LANs, servers, websites, applications and devices, bandwidth, virtual environments, remote systems, IoT, and many more. PRTG is easy to set up & use.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Hello , This is a short article on how would you go about enabling traceoptions on a Juniper router . Traceoptions are similar to Cisco debug commands but these traceoptions are implemented in Juniper networks router . The following demonstr…
How to set-up an On Demand, IPSec, Site to SIte, VPN from a Draytek Vigor Router to a Cyberoam UTM Appliance. A concise guide to the settings required on both devices
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…

809 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question