NETGEAR is aware of a growing number of phone and online scams. To learn how to stay safe click here.
Forum Discussion
Solved
GS310TP SNMP how to use public community string
Hi!
I have two GS108T and two GS310TP. I successfully use SNMP to monitor the GS108T via snmp public community string without password.
How do I use/configure SNMP public access to the GS310TP? I cannot create any configuration using "public" community strings, because it tells me "Error: Default public and private community strings are not allowed."
on the GS108T I can add/change snmp settings using "public" community strings without restrictions.
so, how do I use SNMP readonly access to the GS310TP using "public" community string. I could not find any hint within the manual.
your help will be much appreciated!
Stefan K.
Using the common default public and private community strings is considered a major security risk, thus depreciated, prohibited, and disabled if set in place. What's the point of not changing to something more effective?
5 Replies
Using the common default public and private community strings is considered a major security risk, thus depreciated, prohibited, and disabled if set in place. What's the point of not changing to something more effective?
hi schumaku
thanks for your fast reply
schumaku wrote:Using the common default public and private community strings is considered a major security risk, thus depreciated, prohibited, and disabled if set in place.
ok, why?
I agree that SNMP should not be enabled by default, especially no write access. but "public" community string is built-in in many monitoring software.
schumaku wrote:What's the point of not changing to something more effective?
because "public" is well known!?
I added a community string "publik" for read only access, and I had to change my monitoring software for these two switches only. still I cannot see why "publik" is now more effective, more secure than "public" as SNMP v2c is unencrypted anyway.
I bought these type of swiches to manage configuration. I enabled SNMP on purpose. I know what I'm doing here! there is a HP printer which is monitored via SNMP so I can see data about paper and colors in my monitoring software. this is just my home-office network not some 100ge backbone of a company. forcing me to use some community string other than "public" is security through obscurity, IMHO.
SNMP is meant to be simple, hence the S in SNMP.
Regards!
Stefan
stefankaerst wrote:
still I cannot see why "publik" is now more effective, more secure than "public" as SNMP v2c is unencrypted anyway.
You probably don't change your devices default password, too - do you?
stefankaerst wrote:
still I cannot see why "publik" is now more effective, more secure than "public" as SNMP v2c is unencrypted anyway.
So who is able to sniff your wired (or for the sake of it the encrypted wirelss) traffic on your network, and then again on your network management VLAN?
NETGEAR Academy
Boost your skills with the Netgear Academy - Get trained, certified and stay ahead with the latest Netgear technology!
Join Us!
