Hi,

A friend's home computer (XP Pro) has several programs which request connection to Internet at startup. SNMP is one of them.

Because he has no need of SNMP at home, and because of vulnerability, I wanted to disable the service for him. Unfortunately none of the services has "SNMP" in the name. Does anyone knows the exact name of the SNMP service ? Actually it is a French Windows, but the French name is probably just a translation of the English one.

Thanks and regards,

Yinda

Hi Yinda,

This is the other way around and for Win2k, but no doubt it will put you on the right track: http://www.microsoft.com/windows2000/en/server/help/default.asp?url=/windows2000/en/server/help/snmp_install.htm

Regards,

Pieter

Hi Pieter,

Thanks for your answer. I have been at the link you provided, and found the following :

-{ Quote: "To start or stop the SNMP service

Open Computer Management
In the console tree, click Services.
Where?

Services and Applications
Services
In the details pane, click SNMP Service
On the Action menu, click Start, Stop, or Restart. " }-

I think that there is no such "SNMP Service". But let me check again and I'll inform you later.

Regards,

Yinda

Those services are not included with a WinXP install by default..but I think this will help you...


This site will help your friend take care of SNMP for WinXP and many more services that are not needed.

http://www.blackviper.com/WinXP/servicecfg.htm



snmp -
A network protocol used to manage TCP/IP networks. In Windows, the SNMP service is used to provide status information about a host on a TCP/IP network. Simple Network Management Protocol is also called SNMP.



Does your friend have a router designed to receive SNMP traps?
Some routers use SNMP traps to send event information to a logging program on the LAN.

http://www.ietf.org/rfc/rfc1215.txt


Disabling Unnecessary Services


SNMP - Simple Network Management Protocol - has long been suspected to pose security risks, and in February 2002 the vulnerabilities were verified.
Simple TCP Services - this service opens some esoteric ports - 7, 9, 13, 17 and 19 - that do things like serve a "Quote of the Day," or enable a simple "Denial of Service" using a pingpong attack against the Character Generator.

Open the Services applet, find SNMP, and set it to Disabled. Do the same with Simple TCP Services. If the service is not present on the machine, don't install it.

Hi Primrose,

Actually, I tried without success to find the "SNMP Service" on another computer, in order to tell my friend how to disable it. I did not realize that not all computers have it, since you say that those services are not installed by default. That is why I have to check again on his computer. My friend has a simple home configuration, no lan, no router. So I think that he should not have snmp installed.

I'll read carefully all the information.

Thanks very much.

Yinda

Good..for XP look at Vipers site in this area... you can click around in there till the cows come home and get a real good idea of all the other services which come into play.

Most home users do not need most of them for the tasks they wish to do..and having them running is confusing and some times makes one vulnerable. Not only to themselves but others...


SNMP Service ~ this service does not install by default, but if needed, you may install it later off the Windows XP CD. This service supports the use of networking equipment that uses SNMP as a mode of remote management.

Dependencies:

Event Log
Previous Page | System Configurations

SNMP Trap Service ~ this service does not install by default, but if needed, you may install it later off the Windows XP CD. As above, this supports the use of networking equipment that uses SNMP as a mode of management.

Dependencies:

Event Log
Previous Page | System Configurations

________

Since I am in a preaching mode ;D and I like firewalls this might give you some ideas why I commend you in helping any one out..good going.

_______________________
Don't confuse firewalls with security. Machines behind a firewall are only as secure as the TCP/IP stacks and services that answer on ports accessible through the firewall and/or its sockets. Most firewalls that I've had experience with have closed off all ports except the ones that people needed to use from the outside -- and half the time that included stuff like pop[23], imap, smtp, etc., and on which the servers answering those ports tended to be way behind on their updates because people had this sense of security that came about with the firewall.

Firewalls don't work from people who can emit packets from inside your firewall -- and that's surprisingly easy to do, either through coercion of the firewall box's network stack, compromise of a machine behind the firewall through some open port, or simply being behind the firewall in the first place (as in many corporate environments). If a firewall is configured to permit connections to ports 22 (ssh) and 443 (SSL http), there's no particular reason why an attacker can't arrange for a root shell to answer on one of those ports, and with most network installations no one would be the wiser.

Hi,

Thanks for telling me that snmp is not installed by default. Actually, on a computer with snmp installed, the snmp service is on the list :-[

As for your comment on firewalls and security. I must say that I am still relying on the recommendations by people with more experience. For Outpost, I use the preset rules, sometimes improved with recommendations found in their forum, namely for Outlook Express. I don't think it is possible to define rules for ports 22 and 443, without reference to any application.

Once again, I would like to say that I appreciate the present forum very much. I learn a lot every day.

Thanks again to all of you.

Yinda

Did you get your friend's SNMP Service disabled?

Yes, I immediately told him where to change it.

But I wonder why the service has been installed.

Thanks.

Could you tell me how to do that in Winxp pro to change it?

Hi,
In Administration Tools/Services, double-click on the service. Then, in the General panel, the startup mode can be changed between Automatic, Manual and Disabled (my own translation).
Regards,
Yinda