SNMP Security
Be aware that SNMP has been around for a long time, and as such there are three major versions. SNMP version one and version two have some considerable security flaws. The foremost is that they send their data unencrypted, and that data could include a whole host of information you would rather not be viewable by just anyone. A second consideration is that their limited authentication relies on a community string alone, which determines not only who can read the SNMP data but also who can set SNMP values, effectively granting access to configure the SNMP-enabled device.
SNMP version three mitigates many of these issues; however, it is not widely supported at this time. While SNMP v3 is often supported on the more prominent enterprise-class platforms, support in free tools is practically non-existent. Given these facts, the best way to secure SNMP traffic is with a combination of access lists (where applicable) and some form of encryption, such as IPsec.