SNMP is used for remote monitoring and configuration of dedicated servers. If you have not changed the default community string of ‘public’ or ‘private’, your server may be abused to conduct DDOS attacks. In addition, publicly accessible SNMP can leak information about your server. We suggest using hard to guess community strings.
On Windows machines, SNMP is run through the ‘SNMP’ service. To change the community string:
- Open Control Panel -> Administrative Tools -> Services
- Find ‘SNMP Service’, right click it, and choose Properties
- On the Security tab, click the ‘Add’ button near ‘Accepted community names’
- Enter a secure password for this (do not reuse any existing password)
- Make sure to remove any insecure passwords (default values such as ‘public’ or ‘private’ are commonly abused)
- Click OK
- Restart the SNMP service
On Linux machines, SNMP is commonly run through the net-snmp library:
- Open your snmpd.conf file (usually /etc/snmp/snmpd.conf)
- Find the line that looks like: ‘com2sec notConfigUser default public’ (the line will begin with com2sec and end with a password. In this example, the password is ‘public’)
- Change the ‘public’ at the end of the line to a more secure password
- Restart the SNMP server with: ‘service snmpd restart’