?
Solved

SNMP v1 and later versions vulnerabilities?

Posted on 2006-10-30
2
Medium Priority
?
496 Views
Last Modified: 2010-04-11
Can you please tell me the vulnerabilities in SNMP v1 and later versions, i cant get a detailed paper on SNMP vulnerabilities only in detail, they just use to describe the protocol in detail and tell in 2 or 3 lines the vulnerabilities in it. I want detail on the attacks so i can defend more accurately.
0
Comment
Question by:shairankhan
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
2 Comments
 
LVL 14

Expert Comment

by:chris_calabrese
ID: 17836539
Aside from various implementation problems like buffer overflows, the underlying protocol issues are as follows:

SNMPv1: essentially does no authentication

SNMPv2: uses Community Strings for authentication, which are sent over the net in the clear where anyone can pick them up and reply them. Also all clients use the same Community String, so they all have the same level of access (other than really coarse level of read-write vs. read-only)

SNMPv3: Replaces Community Strings with shared cryptographic secrets so at least they can't be replayed.
0
 
LVL 3

Accepted Solution

by:
mahe2000 earned 500 total points
ID: 17842868
a couple of comments to what chris calabrese said, in snmp v2 you usually have two kind of access with different communities on for read-only access (usually "public" community but it can be changed) and one for write access (usually "private" community but it can be changed).

in snmp version 3 you can set up what you want your users can access.
0

Featured Post

Does Your Cloud Backup Use Blockchain Technology?

Blockchain technology has already revolutionized finance thanks to Bitcoin. Now it's disrupting other areas, including the realm of data protection. Learn how blockchain is now being used to authenticate backup files and keep them safe from hackers.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

This process allows computer passwords to be managed and secured without using LAPS. This is an improvement on an existing process, enhanced to store password encrypted, instead of clear-text files within SQL
What's worse than having your data encrypted by ransomware? Getting attacked by a so-called "wiper," which simply destroys the data and offers you no hope of ever seeing it again.
Sending a Secure fax is easy with eFax Corporate (http://www.enterprise.efax.com). First, just open a new email message. In the To field, type your recipient's fax number @efaxsend.com. You can even send a secure international fax — just include t…
Sending a Secure fax is easy with eFax Corporate (http://www.enterprise.efax.com). First, Just open a new email message.  In the To field, type your recipient's fax number @efaxsend.com. You can even send a secure international fax — just include t…
Suggested Courses

762 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question