- Posts: 1390
- Thank you received: 0
Disabling SNMP Version 1 on Pix
17 years 6 months ago #21949
by Smurf
Wayne Murphy
Firewall.cx Team Member
www.firewall.cx
Now working for a Security Company called Sec-1 Ltd in the UK, for any
Penetration Testing work visit www.sec-1.com or PM me for details.
Disabling SNMP Version 1 on Pix was created by Smurf
Ok, i thought i had cracked this and configured my Pix to accept only SNMP Version 2. Anyhow, it still seems to be working with Version 1 and i cannot seem to stop the Pix from responding to this;
I thought it was this line that forced it;
[code:1]snmp-server host {interface} {ip} community {string} version 2c[/code:1]
but doesn't seem to work.
I have also removed the SNMP-Server Community line since i read somewhere that this will imply version 1
Anyone know anything ?
I thought it was this line that forced it;
[code:1]snmp-server host {interface} {ip} community {string} version 2c[/code:1]
but doesn't seem to work.
I have also removed the SNMP-Server Community line since i read somewhere that this will imply version 1
Anyone know anything ?
Wayne Murphy
Firewall.cx Team Member
www.firewall.cx
Now working for a Security Company called Sec-1 Ltd in the UK, for any
Penetration Testing work visit www.sec-1.com or PM me for details.
17 years 6 months ago #21950
by Sielle
Replied by Sielle on topic Re: Disabling SNMP Version 1 on Pix
[no] snmp deny version [1 | 2 | 2c | 3]
I believe this worked in Pix 6.3.
I believe this worked in Pix 6.3.
17 years 6 months ago #21952
by Smurf
Wayne Murphy
Firewall.cx Team Member
www.firewall.cx
Now working for a Security Company called Sec-1 Ltd in the UK, for any
Penetration Testing work visit www.sec-1.com or PM me for details.
Replied by Smurf on topic Re: Disabling SNMP Version 1 on Pix
Cheers for the reply, just spotted it;
deny snmp verison [1|2|2c|3]
Cheers
deny snmp verison [1|2|2c|3]
Cheers
Wayne Murphy
Firewall.cx Team Member
www.firewall.cx
Now working for a Security Company called Sec-1 Ltd in the UK, for any
Penetration Testing work visit www.sec-1.com or PM me for details.
17 years 6 months ago #21954
by Smurf
Wayne Murphy
Firewall.cx Team Member
www.firewall.cx
Now working for a Security Company called Sec-1 Ltd in the UK, for any
Penetration Testing work visit www.sec-1.com or PM me for details.
Replied by Smurf on topic Re: Disabling SNMP Version 1 on Pix
Although this converts it to;
[code:1]snmp-map asa_snmp_map
deny version 1[/code:1]
[code:1]snmp-map asa_snmp_map
deny version 1[/code:1]
Wayne Murphy
Firewall.cx Team Member
www.firewall.cx
Now working for a Security Company called Sec-1 Ltd in the UK, for any
Penetration Testing work visit www.sec-1.com or PM me for details.
Time to create page: 0.136 seconds