Results 1 to 3 of 3

Thread: Snmp

  1. #1

    Snmp

    Hi All,

    I am about to install mrtg on one of our webservers, however before I do is there any security issues I should be aware of regarding SNMP.

    Thanks for any input
    Adam Heavens
    Server Centre Limited (www.servercentre.net)
    Exchange 2007 Hosting, Windows/Linux Hosting

  2. #2
    Join Date
    Dec 2000
    Location
    Leesburg, VA
    Posts
    3,205
    There are several version of SNMP, the most secure is SNMPv3:

    ftp://ftp.isi.edu/in-notes/rfc2570.txt

    The primary problem with SNMPv1 and v2 is that passwords are sent in clear text, which means that someone sniffing your network could easily get ahold of those passwords and use them to gain control of your routers/switches/servers.

    So, if you are going to use SNMP, use v3, if the device you are monitoring does not support v3 then use v2 and only use a "read only" password. Disable writing capability (if your device supports it).

    And, whatever you do: do not set your read only password to public and your read/write password to private. If they are already set that way change them.

  3. #3
    Thanks for the info, this is the sort of thing I was after.
    Adam Heavens
    Server Centre Limited (www.servercentre.net)
    Exchange 2007 Hosting, Windows/Linux Hosting

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •