Mike Ayers wrote:
>> From: net-snmp-users-bounces@lists.sourceforge.net
>> [mailto:net-snmp-users-bounces@lists.sourceforge.net] On
>> Behalf Of Davin
>> Sent: Monday, January 14, 2008 10:59 AM

>> I'd
>> stick with
>> 2c unless you have a real reason to use 1, and I don't belief this
>> qualifies.

> I don't know why you'd say this. Almost anything which supports SNMP supports SNMPv1, and many don't support anything else. SNMPv2c, on the other hand, is a well supported myth. For read-only SNMP, a v1 community named "public" is the de facto standard. You should not support community based writing unless the customer demands it, as it is insecure.

I did not say that she should enable a rwcommunity, and I should have
worded that as "I wouldn't disable v2c unless you have a reason to only
use v1". The point I was trying to make was that the IP address based
ACLing can be utilized with both v1 and v2c, and allowing 2c allows for
certain desirable features such as bulkwalks. Disabling v1 alongside 2c
is a bad idea, and enabling rwcommunities is a worse one.

>> It is worth mentioning that USM and VACM, which are only available in
>> v3,

> In net-snmp, VACM works on communities as well as users.

Correct. I recalled that USM manipulation only worked with v3 using the
snmpusm command, but mistakenly lumped VACM into the same category. Thanks.


Check out the new SourceForge.net Marketplace.
It's the best place to buy or sell services for
just about anything Open Source.
Net-snmp-users mailing list
Please see the following page to unsubscribe or change other options: