Ask the Expert

In SNMPv1 and v2c, does it matter if I leave the community string set to public?

In SNMPv1 and v2c, does it matter if I leave the community string set to public? I have left it at public and also changed it to something else, but I still get the traps, so it seems it doesn't matter. What is it really for?

    Requires Free Membership to View

In SNMPv1 and v2c the community string was used to authenticate the SNMP management station and SNMP agent. Here is how it is works:

Whenever any SNMP management station sends a request to get or set some data on an SNMP agent, it also sends the community string, which is configured in it along with the request. When the request reaches the SNMP agent, it tries to match this community string with the one you have defined in the agent. If the two strings match, then the SNMP agent answers the request. If not, it rejects the request as an unauthorized request. This way, you can stop unauthorized SNMP management stations from changing parameters on your SNMP agents. Now the important part – you should never leave the community string to public on any of your SNMP agents. This is the default community string, and this way you expose your SNMP agent to any SNMP management station. Anyone with an SNMP manager software installed on his/her PC can make changes to your SNMP agents. So it's always better to change the community string to something else.

This was first published in September 2004

There are Comments. Add yours.

TIP: Want to include a code block in your comment? Use <pre> or <code> tags around the desired text. Ex: <code>insert code</code>

REGISTER or login:

Forgot Password?
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy
Sort by: OldestNewest

Forgot Password?

No problem! Submit your e-mail address below. We'll send you an email containing your password.

Your password has been sent to: