The Community Forums

Interact with an entire community of cPanel & WHM users!
  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

SNMP reflection using installed snmpd

Discussion in 'Security' started by webyourbusiness, Sep 16, 2014.

  1. webyourbusiness

    webyourbusiness Registered

    Joined:
    Nov 9, 2004
    Messages:
    1
    Likes Received:
    0
    Trophy Points:
    1
    We're new to cPanel, so have to ask what you might consider a basic question - first some background - we're working on our FIRST cPanel server - default installation from a VPS vendor to learn the setup, how easyApache works etc. I have maybe 5 domains on the server.

    Today I get an "abuse complaint" saying that the SNMP on this particular server is being used for SNMP reflection dDoS attacks on another server.

    Oh noes.. not good - first question...

    1. is snmpd used in cPanel to monitor services by default - ie, does native cPanel install *AND* use snmpd?

    2. Next logical question - if it is used, why isn't it better configured?

    3. How should we configure it better for local use only - or - use between cpanel servers, but not the outside world.


    At the moment I just disabled snmpd - I don't want this VPS causing havoc, but I don't want to disable something that cPanel relies on for everyday usage.

    cheers

    WYB.
     
  2. cPanelMichael

    cPanelMichael Forums Analyst
    Staff Member

    Joined:
    Apr 11, 2011
    Messages:
    30,852
    Likes Received:
    675
    Trophy Points:
    113
    cPanel Access Level:
    Root Administrator
    Hello :)

    cPanel does not utilize this package to monitor services. You can disable it if you prefer, as cPanel does not rely on it's use. Did the abuse complaint contain specific details about the attack? Did you enable it as a PHP module?

    Thank you.
     

Share This Page