info
Google Groups no longer supports new Usenet posts or subscriptions. Historical content remains viewable.
Dismiss
SNMPv3 on OpenVMS
139 views
Skip to first unread message
GerMarsh
Nov 24, 2015, 3:55:53 AM11/24/15
to
I know that I am likely to be virtually shouted at by not reading some vague manual but I have perused the SNMP section of the HP doc and find nothing on this subject.
I would like to use only the Version 3 of SNMP - Some historical Wizard entry suggests to refer to HP support but I hope that it has been addressed by now.
(I wonder whether this is awaiting VSI to rewrite the TCP/IP stack.)
I apologise to all the SNMP demons out there - seems like a black art to me.
Any help would be gratefully received - as ever!
I would like to use only the Version 3 of SNMP - Some historical Wizard entry suggests to refer to HP support but I hope that it has been addressed by now.
(I wonder whether this is awaiting VSI to rewrite the TCP/IP stack.)
I apologise to all the SNMP demons out there - seems like a black art to me.
Any help would be gratefully received - as ever!
Stephen Hoffman
Nov 24, 2015, 11:48:05 AM11/24/15
to
available with the HPE/VSI tools is SNMPv2 only.
The lack of SNMPv3 is one of various security issues with OpenVMS and
networking.
As for futures, have a chat with the folks at VSI and see what details
they'll be willing to discuss about SNMPv3, SMH, network security and
related. (There are other security issues with SMH which may or will
effect what VSI provides, too.)
Pending purchasing new licenses and a wholesale upgrade to VSI
V8.future or later and with the VSI replacement stack, keep your
OpenVMS systems firewalled, VPN into the firewall, and use SNMPv2 from
there.
Related:
http://labs.hoffmanlabs.com/node/1117
http://labs.hoffmanlabs.com/node/1326
http://labs.hoffmanlabs.com/node/159
--
Pure Personal Opinion | HoffmanLabs LLC
GerMarsh
Nov 25, 2015, 4:31:24 AM11/25/15
to
I have done a pile of research recently on improving these protocols and have had hassle with every single one of them. I cannot even see how to secure SMTP traffic with the VMS implementation - crikey, Even Outlook can do it. And I have now found out that even NTP has some VMS specific issues too! Oh, and don't get me started on attempting to replace FTP with SFTP!
I consider myself fortunate to still be using and getting paid for managing VMS - having done so for around 36 years - but I think someone is trying to tell me something.
Stephen Hoffman
Nov 25, 2015, 11:57:32 AM11/25/15
to
On 2015-11-25 09:31:21 +0000, GerMarsh said:
> I have done a pile of research recently on improving these protocols
> and have had hassle with every single one of them. I cannot even see
> how to secure SMTP traffic with the VMS implementation - crikey, Even
> Outlook can do it. And I have now found out that even NTP has some VMS
> specific issues too! Oh, and don't get me started on attempting to
> replace FTP with SFTP!
>
> I consider myself fortunate to still be using and getting paid for
> managing VMS - having done so for around 36 years - but I think someone
> is trying to tell me something.
Ayup. Beyond down-revision TLS and other issues they'll find, there
> I have done a pile of research recently on improving these protocols
> and have had hassle with every single one of them. I cannot even see
> how to secure SMTP traffic with the VMS implementation - crikey, Even
> Outlook can do it. And I have now found out that even NTP has some VMS
> specific issues too! Oh, and don't get me started on attempting to
> replace FTP with SFTP!
>
> I consider myself fortunate to still be using and getting paid for
> managing VMS - having done so for around 36 years - but I think someone
> is trying to tell me something.
are OpenVMS-specific network insecurities that the generic IP test
tools won't find.
At least some OpenVMS boxes should be configured with outboard firewalls.
VSI has a right huge mountain of development work ahead of them, and
that no-details-yet new VSI IP stack is just a very small part of that
mountain.
0 new messages