If your router responds to `snmpwalk router.isp.net.uk ILMI`, you
probabally will want to do the following to disable it:
conf t
snmp-server community ILMI RO 99
access-list 99 deny any log
(pick another spare access-list if 99 isn't available)
If you dont, assuming your ios/hardware combination supports it,
(most of the bigger routers do) anyone can do things like:
`snmpset router.isp.net.uk ILMI system.sysName.0 s \
"ALL YOUR ROUTER ARE BELONG TO US."`
Thats a harmless example. You can do almost anything with RW snmp.
I was told by Cisco it should be RW. (To override the builtin
one).
I never ran a test w/ RO so was speaking from that
data.
If you get some message about the "community/party" exists
or something like that, put this in:
no snmp-server view *ilmi
It doesn't get saved in the config, so if you machine generate
your nvram:startup-config, you're ok, if you do not, you will
need to re-add it each time you reboot.
I tried this one of our routers and it worked. I put in the snmp filter
to stop it, which it did. Then I took the filter off and it still
didn't work. Odd.
Sweet. Yet another VENDOR CREATED problem. Is the fact that we PURCHASE
the %^#&*# hardware from them not enough? Do they have to continually
insist on putting backdoors into the code? Backdoors that inevitably leak
out of their organization?
Taking Seans input is confusing. The 3640 doesn't have an ATM interface (running IP Plus though). The 3662 does (T1 IMA Card) and it locks up (refuses logins and spikes a CPU fever).