[SunHELP] SNMPDX ERRORS
John Duksta
sunhelp at sunhelp.org
Tue Apr 17 06:14:42 CDT 2001
Ravi,
If you don't need to be running SNMP on this machine,
you would be well advised to disable it. Especially if
this is an external (internet facing) machine.
There was a buffer overflow exploit for snmpDX announced
last week (or the week before) on BugTraq. I'm fairly sure
that it resulted in a remote root exploit, but I can't find
the notice now in a quick search.
I'm not sure if what you're seeing here is indicative of
the exploit being used on your machine, but it would definately
be worth looking into.
Regards,
-john
At 11:00 AM 4/16/2001 -0700, Will Melick wrote:
>This is often caused by HP OpenView doing its normal SNMP scans.
>
>There is a way to fix it....but I don't recall how at the moment (fixed so
>OpenView gets the correct info and the error message goes away).
>
>You might want to browse through the HP IT Resource Center forums for
>OpenView/Network Node Manager (NNM) if you are indeed running OV on your
>network.
>
>P.S. OV's not a bad thing...properly managed OV can keep track of tens of
>thousands of nodes. It's used by all the major ISPs.
>
>
>On Mon, 16 Apr 2001, David Rouse wrote:
>
> > On 4/16/01 at 8:33 AM, Ravi_Thotapalli at csaa.com wrote:
> >
> > >Hi I am getting this error and I have no clue about the Electronic mail
> > >stuff so could any one please help me
> > >
> > >thanks
> > >ravi
> > >
> > >Apr 16 07:38:51 fndev03 last message repeated 4 times
> > >Apr 16 07:39:21 fndev03 snmpdx: error while receiving a pdu from
> > >fndev03.164: Th
> > >e message has a wrong version (2)
> >
> > It isn't email, actually -- SNMP = Simple Network Monitoring Protocol. The
> > daemon here is snmpdx, Sun Solstice Enterprise Master Agent. If you don't
> > really need all this stuff, you might want to check the man pages and your
> > /etc/init.d files and turn some of it off.
> >
> > Either the machine is sending itself a message it doesn't quite understand
> > or someone else is sending the machine a message it doesn't quite
> > understand. Note -- SNMP can sometimes be a security problem and it is good
> > to block it at the firewall.
> >
More information about the SunHELP
mailing list