What is the exact name of the SNMP service ?

Discussion in 'other security issues & news' started by Yinda, Feb 13, 2003.

Thread Status:
Not open for further replies.
  1. Yinda

    Yinda Registered Member

    Joined:
    Nov 17, 2002
    Posts:
    78
    Hi,

    A friend's home computer (XP Pro) has several programs which request connection to Internet at startup. SNMP is one of them.

    Because he has no need of SNMP at home, and because of vulnerability, I wanted to disable the service for him. Unfortunately none of the services has "SNMP" in the name. Does anyone knows the exact name of the SNMP service ? Actually it is a French Windows, but the French name is probably just a translation of the English one.

    Thanks and regards,

    Yinda
     
  2. Pieter_Arntz

    Pieter_Arntz Spyware Veteran

    Joined:
    Apr 27, 2002
    Posts:
    13,312
    Location:
    Netherlands
  3. Yinda

    Yinda Registered Member

    Joined:
    Nov 17, 2002
    Posts:
    78
    Hi Pieter,

    Thanks for your answer. I have been at the link you provided, and found the following :

    I think that there is no such "SNMP Service". But let me check again and I'll inform you later.

    Regards,

    Yinda
     
  4. Primrose

    Primrose Registered Member

    Joined:
    Sep 21, 2002
    Posts:
    2,743
    Those services are not included with a WinXP install by default..but I think this will help you...


    This site will help your friend take care of SNMP for WinXP and many more services that are not needed.

    http://www.blackviper.com/WinXP/servicecfg.htm



    snmp -
    A network protocol used to manage TCP/IP networks. In Windows, the SNMP service is used to provide status information about a host on a TCP/IP network. Simple Network Management Protocol is also called SNMP.



    Does your friend have a router designed to receive SNMP traps?
    Some routers use SNMP traps to send event information to a logging program on the LAN.

    http://www.ietf.org/rfc/rfc1215.txt


    Disabling Unnecessary Services


    SNMP - Simple Network Management Protocol - has long been suspected to pose security risks, and in February 2002 the vulnerabilities were verified.
    Simple TCP Services - this service opens some esoteric ports - 7, 9, 13, 17 and 19 - that do things like serve a "Quote of the Day," or enable a simple "Denial of Service" using a pingpong attack against the Character Generator.

    Open the Services applet, find SNMP, and set it to Disabled. Do the same with Simple TCP Services. If the service is not present on the machine, don't install it.
     
  5. Yinda

    Yinda Registered Member

    Joined:
    Nov 17, 2002
    Posts:
    78
    Hi Primrose,

    Actually, I tried without success to find the "SNMP Service" on another computer, in order to tell my friend how to disable it. I did not realize that not all computers have it, since you say that those services are not installed by default. That is why I have to check again on his computer. My friend has a simple home configuration, no lan, no router. So I think that he should not have snmp installed.

    I'll read carefully all the information.

    Thanks very much.

    Yinda
     
  6. Primrose

    Primrose Registered Member

    Joined:
    Sep 21, 2002
    Posts:
    2,743
    Good..for XP look at Vipers site in this area... you can click around in there till the cows come home and get a real good idea of all the other services which come into play.

    Most home users do not need most of them for the tasks they wish to do..and having them running is confusing and some times makes one vulnerable. Not only to themselves but others...


    SNMP Service ~ this service does not install by default, but if needed, you may install it later off the Windows XP CD. This service supports the use of networking equipment that uses SNMP as a mode of remote management.

    Dependencies:

    Event Log
    Previous Page | System Configurations

    SNMP Trap Service ~ this service does not install by default, but if needed, you may install it later off the Windows XP CD. As above, this supports the use of networking equipment that uses SNMP as a mode of management.

    Dependencies:

    Event Log
    Previous Page | System Configurations

    ________

    Since I am in a preaching mode :D and I like firewalls this might give you some ideas why I commend you in helping any one out..good going.

    _______________________
    Don't confuse firewalls with security. Machines behind a firewall are only as secure as the TCP/IP stacks and services that answer on ports accessible through the firewall and/or its sockets. Most firewalls that I've had experience with have closed off all ports except the ones that people needed to use from the outside -- and half the time that included stuff like pop[23], imap, smtp, etc., and on which the servers answering those ports tended to be way behind on their updates because people had this sense of security that came about with the firewall.

    Firewalls don't work from people who can emit packets from inside your firewall -- and that's surprisingly easy to do, either through coercion of the firewall box's network stack, compromise of a machine behind the firewall through some open port, or simply being behind the firewall in the first place (as in many corporate environments). If a firewall is configured to permit connections to ports 22 (ssh) and 443 (SSL http), there's no particular reason why an attacker can't arrange for a root shell to answer on one of those ports, and with most network installations no one would be the wiser.
     
  7. Yinda

    Yinda Registered Member

    Joined:
    Nov 17, 2002
    Posts:
    78
    Hi,

    Thanks for telling me that snmp is not installed by default. Actually, on a computer with snmp installed, the snmp service is on the list :oops:

    As for your comment on firewalls and security. I must say that I am still relying on the recommendations by people with more experience. For Outpost, I use the preset rules, sometimes improved with recommendations found in their forum, namely for Outlook Express. I don't think it is possible to define rules for ports 22 and 443, without reference to any application.

    Once again, I would like to say that I appreciate the present forum very much. I learn a lot every day.

    Thanks again to all of you.

    Yinda
     
  8. Primrose

    Primrose Registered Member

    Joined:
    Sep 21, 2002
    Posts:
    2,743
    Did you get your friend's SNMP Service disabled?
     
  9. Yinda

    Yinda Registered Member

    Joined:
    Nov 17, 2002
    Posts:
    78
    Yes, I immediately told him where to change it.

    But I wonder why the service has been installed.

    Thanks.
     
  10. Primrose

    Primrose Registered Member

    Joined:
    Sep 21, 2002
    Posts:
    2,743
    Could you tell me how to do that in Winxp pro to change it?
     
  11. Yinda

    Yinda Registered Member

    Joined:
    Nov 17, 2002
    Posts:
    78
    Hi,
    In Administration Tools/Services, double-click on the service. Then, in the General panel, the startup mode can be changed between Automatic, Manual and Disabled (my own translation).
    Regards,
    Yinda
     
Loading...
Thread Status:
Not open for further replies.