Solved

SNMP v1 and later versions vulnerabilities?

Posted on 2006-10-30
2
480 Views
Last Modified: 2010-04-11
Can you please tell me the vulnerabilities in SNMP v1 and later versions, i cant get a detailed paper on SNMP vulnerabilities only in detail, they just use to describe the protocol in detail and tell in 2 or 3 lines the vulnerabilities in it. I want detail on the attacks so i can defend more accurately.
0
Comment
Question by:shairankhan
2 Comments
 
LVL 14

Expert Comment

by:chris_calabrese
ID: 17836539
Aside from various implementation problems like buffer overflows, the underlying protocol issues are as follows:

SNMPv1: essentially does no authentication

SNMPv2: uses Community Strings for authentication, which are sent over the net in the clear where anyone can pick them up and reply them. Also all clients use the same Community String, so they all have the same level of access (other than really coarse level of read-write vs. read-only)

SNMPv3: Replaces Community Strings with shared cryptographic secrets so at least they can't be replayed.
0
 
LVL 3

Accepted Solution

by:
mahe2000 earned 125 total points
ID: 17842868
a couple of comments to what chris calabrese said, in snmp v2 you usually have two kind of access with different communities on for read-only access (usually "public" community but it can be changed) and one for write access (usually "private" community but it can be changed).

in snmp version 3 you can set up what you want your users can access.
0

Featured Post

Migrating Your Company's PCs

To keep pace with competitors, businesses must keep employees productive, and that means providing them with the latest technology. This document provides the tips and tricks you need to help you migrate an outdated PC fleet to new desktops, laptops, and tablets.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

The 21st century solution to antiquated pagers.
How do we balance the user experience (UX) with reasonable security measures? It can be done, if you keep these fundamentals in mind.
Sending a Secure fax is easy with eFax Corporate (http://www.enterprise.efax.com). First, just open a new email message. In the To field, type your recipient's fax number @efaxsend.com. You can even send a secure international fax — just include t…
Email security requires an ever evolving service that stays up to date with counter-evolving threats. The Email Laundry perform Research and Development to ensure their email security service evolves faster than cyber criminals. We apply our Threat…

823 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question