Solved

Difference between public and private strings

Posted on 2004-09-07
2
3,222 Views
Last Modified: 2012-06-27
I am implementing SNMP on our Servers and Switches, I am new to this but learning a great deal from this wonderful site.
I have read and been told to change the public and private strings (which are like passwords.)

Can someone please explain in laymans terms what exactly public and private strings, and how they would likly be used?

I am a bit rushed to get this projesct started, so I need a quick heads up and basic understanding.

Thanks in advance... Michael.
0
Comment
Question by:Linux_Hawk
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
2 Comments
 
LVL 7

Accepted Solution

by:
pedrow earned 500 total points
ID: 12003791
snmp uses 'community strings' the same way one would use a password.

public is the default community string for RO (read only), which is used for things like monitoring, reading MIB values etc...

private is the default community string for RW (read-write), which would be used to do things like push config changes.

These strings can (and most definitely should) be changegd so that the snmp management stations and the network devices use something that no one knnows about. Further, it's also best practice to restrict the source addresses from where you can make these sorts of transactions.

for instance, on a cisco router you might want something like this:

snmp-server community ThePasswordIsSecret RO 10

access-list 10 permit 192.168.33.128 0.0.0.15

This way only machines addressed within this range that know the community string can grab information about your gear.

Does this help?
0
 

Author Comment

by:Linux_Hawk
ID: 12006614
This does help a great deal
0

Featured Post

MIM Survival Guide for Service Desk Managers

Major incidents can send mastered service desk processes into disorder. Systems and tools produce the data needed to resolve these incidents, but your challenge is getting that information to the right people fast. Check out the Survival Guide and begin bringing order to chaos.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Hello , This is a short article on how would you go about enabling traceoptions on a Juniper router . Traceoptions are similar to Cisco debug commands but these traceoptions are implemented in Juniper networks router . The following demonstr…
There are two basic ways to configure a static route for Cisco IOS devices. I've written this article to highlight a case study comparing the configuration of a static route using the next-hop IP and the configuration of a static route using an outg…
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…

697 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question