SNMP (Simple Network Management Protocol)
Finally, we want to say a few words about SNMP, the Simple Network Management Protocol (not a tool) that has been in the news lately, due to the security vulnerabilities inherent in it. As we noted earlier, many hardware devices like routers and switches are equipped with SNMP capability. The SNMP network management protocol is used to query network devices for information such as configuration, traffic and error counter values, etc.
However, it has also been used by hackers, who take advantage of the fact that the primary way an SNMP query authenticates itself to a device is by providing the right community name which the majority of network installations never change from the default, public. And those who do change it find that any password still leaves SNMP vulnerable to the same password-sniffing attacks that work on any system transmitting
secret key authentication information across the network. Various security flaws in SNMP have recently led vendors to issue software and firmware updates for devices from switches to routers, or to recommend that SNMP be disabled on devices, which are not firmware-upgradeable. SNMPv2 will feature improvements to authentication.
The usual rule applies here: unless you specifically need SNMP, turn it off.
Home - Table Of Contents - Contact Us
CertiGuide for Security+ (http://www.CertiGuide.com/secplus/) on CertiGuide.com
Version 1.0 - Version Date: November 15, 2004
Adapted with permission from a work created by Tcat Houser et al.
CertiGuide.com Version © Copyright 2004 Charles M. Kozierok. All Rights Reserved.
Not responsible for any loss resulting from the use of this site.