On Thu, 21 Mar 2002, at 11:18am, Ed Esgro wrote: > Are there any security issues that I should be aware of about SNMP? I am > basically setting up SNMP on all of our internal servers, DMZ servers and > Firewall. What is good practice for this?
SNMP = "Security? Not My Problem!" SNMP is basically a totally insecure protocol. It uses a single, global, shared secret, transmitted as plain-text, to authenticate. All data and commands are sent plain-text. It was designed on the assumption that your physical network is secure and that all users are moderately trusted. While that is sometimes the case, it often is not. Additionally, SNMP has been the subject of recent attention by hackers, crackers, script-kiddies, etc. At least one major exploit affecting a huge range of platforms (Microsoft, Sun, Unix, Linux, Cisco, etc., etc.) has made the rounds recently. So it appears most SNMP environments are an insecure implementation of an insecure protocol. In short, if security is a concern, disable or highly restrict SNMP. -- Ben Scott <[EMAIL PROTECTED]> | The opinions expressed in this message are those of the author and do not | | necessarily represent the views or policy of any other person, entity or | | organization. All information is provided without warranty of any kind. | ------ You are subscribed as [email protected] Archives: http://www.swynk.com/sitesearch/search.asp To unsubscribe send a blank email to [EMAIL PROTECTED]
