-(~)-> sudo rpm -Uvh /tmp/net-snmp-5.0.8-11.i386.rpm /tmp/beecrypt-3.0.1-0.20030630.i386.rpm Preparing... ########################################### [100%] 1:beecrypt ########################################### [ 50%] 2:net-snmp ########################################### [100%] -(~)-> chkconfig --list | grep snmp snmpd 0:off 1:off 2:off 3:off 4:off 5:off 6:off snmptrapd 0:off 1:off 2:off 3:off 4:off 5:off 6:off -(~)-> sudo service snmpd start Starting snmpd: [ OK ] -(~)-> netstat -a | grep smux tcp 0 0 *:smux *:* LISTEN -(~)-> grep smux /etc/snmp/snmpd.conf -(~)->
Smux is automatically initiated by snmpd http://www.networksorcery.com/enp/rfc/rfc1227.txt
As per RFC1227: [..] This mechanism would be local to the host. We open a TCP port bound to default address, i.e. visible on the network in general. In addition, SMUX appears to have been deprecated in favour of agentX, RFC2741/2, and apparently would only be useful for some legacy applications. The code is old, and opening SMUX even if not configured is exposing the host to unneccesary risk (even if access control is supposed to happen on such connections). Binding to localhost only would also enhance the host security. A patch exists at http://lists.quagga.net/pipermail/quagga-dev/2004-October/001617.html that promises to turn off SMUX unless (one or more) smuxpeers have explicitly been configured. "How to turn off SMUX" is actually a FAQ for net-snmp, see http://www.net-snmp.org/docs/FAQ.html#How_can_I_turn_off_SMUX_support_ (the workaround there is probably nothing one would like on a production system). Please re-open.