Solved

SNMP v1 and later versions vulnerabilities?

Posted on 2006-10-30
2
478 Views
Last Modified: 2010-04-11
Can you please tell me the vulnerabilities in SNMP v1 and later versions, i cant get a detailed paper on SNMP vulnerabilities only in detail, they just use to describe the protocol in detail and tell in 2 or 3 lines the vulnerabilities in it. I want detail on the attacks so i can defend more accurately.
0
Comment
Question by:shairankhan
2 Comments
 
LVL 14

Expert Comment

by:chris_calabrese
Comment Utility
Aside from various implementation problems like buffer overflows, the underlying protocol issues are as follows:

SNMPv1: essentially does no authentication

SNMPv2: uses Community Strings for authentication, which are sent over the net in the clear where anyone can pick them up and reply them. Also all clients use the same Community String, so they all have the same level of access (other than really coarse level of read-write vs. read-only)

SNMPv3: Replaces Community Strings with shared cryptographic secrets so at least they can't be replayed.
0
 
LVL 3

Accepted Solution

by:
mahe2000 earned 125 total points
Comment Utility
a couple of comments to what chris calabrese said, in snmp v2 you usually have two kind of access with different communities on for read-only access (usually "public" community but it can be changed) and one for write access (usually "private" community but it can be changed).

in snmp version 3 you can set up what you want your users can access.
0

Featured Post

Threat Intelligence Starter Resources

Integrating threat intelligence can be challenging, and not all companies are ready. These resources can help you build awareness and prepare for defense.

Join & Write a Comment

Suggested Solutions

Nothing in an HTTP request can be trusted, including HTTP headers and form data.  A form token is a tool that can be used to guard against request forgeries (CSRF).  This article shows an improved approach to form tokens, making it more difficult to…
It’s a strangely common occurrence that when you send someone their login details for a system, they can’t get in. This article will help you understand why it happens, and what you can do about it.
Sending a Secure fax is easy with eFax Corporate (http://www.enterprise.efax.com). First, Just open a new email message.  In the To field, type your recipient's fax number @efaxsend.com. You can even send a secure international fax — just include t…
In this seventh video of the Xpdf series, we discuss and demonstrate the PDFfonts utility, which lists all the fonts used in a PDF file. It does this via a command line interface, making it suitable for use in programs, scripts, batch files — any pl…

762 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

6 Experts available now in Live!

Get 1:1 Help Now