>>>>> "sMA" == saifulla Mohd Abdul <[EMAIL PROTECTED]> writes:
sMA> Has recent net-snmp 5.3.1 agent undergone any security evaluation (DOS sMA> attacks etc)? Please suggest which version is stable from security sMA> aspect. They've all been designed with reasonable approaches and assumptions. There are layers within the stack that should prevent malicious users from doing standard protocol and implementation attacks. However, there is some level of trust you must place on people you give authenticated access too of course. The project hasn't had formal security reviews by an accreditation company or anything. But it has withstood a decent test of time existing in the OSS world without major security issues (and they're fixed ASAP if ever found). This has nothing to do with Net-SNMP itself, but: note that the SNMP protocol isn't designed to protect against DOS attacks. The protocol, if you read the RFCs that describe it, was designed with the notion that it wouldn't be the easiest source of DOS attack but that it would also be impossible to completely prevent them. Thus, because Net-SNMP is an implementation of the SNMP protocol it's impossible to completely protect against DOS attacks because the underlying protocol wasn't designed to either. -- Wes Hardaker Sparta, Inc. ------------------------------------------------------------------------- This SF.net email is sponsored by: Splunk Inc. Still grepping through log files to find problems? Stop. Now Search log events and configuration files using AJAX and a browser. Download your FREE copy of Splunk now >> http://get.splunk.com/ _______________________________________________ Net-snmp-coders mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/net-snmp-coders
