Cpanel Hosting

Tuesday 12 March 2013

How insecure is SNMP protocol !!


SNMP itself does not define which information (which variables) a managed system should offer. Rather, SNMP uses an extensible design, where the available information is defined by management information bases (MIBs). MIBs describe the structure of the management data of a device subsystem; they use a hierarchical namespace containing object identifiers (OID).
SNMP is based on the manager/agent model consisting of an SNMP manager, an SNMP agent, a database of management information, managed SNMP devices and the network protocol.SNMP was derived from its predecessor SGMP (Simple Gateway Management Protocol) and was intended to be replaced by a solution based on the CMIS/CMIP (Common Management Information Service/Protocol) architecture. This long-term solution, however, never received the widespread acceptance of SNMP.
SNMP traps obviously contain information specific to the SNMP protocol such as Enterprise ID, Generic Trap and Specific Trap. Since SNMP is a UDP-based protocol and messages can therefore be lost, SNMP traps should be avoided where events can be received through other mechanisms such as log file encapsulation.
Summary:
  • Not very secure
  • SNMP version 2 is addressing this
  • Extended security is possible with current protocol (example: DES and MD5)
  • Does not reduce its power for monitoring




No comments: