The first two versions of the SNMP protocol (SNMP v1 and SNMP v2c) contained clear text passwords and provides NO SECURITY at all that's the reason SNMP v3 was later developed to secure the protocol. So when choosing the vendor product makes sure the SNMP v3 support is available. SNMP v3 can be configured in following ways:-
- SNMPv3 with User-Based Security Model (USM) which secured the protocol by allowing administrators to define "users" with various security credentials and supported by most devices.
- Tunneling SNMPv3 packets over SSH, TLS and DTLS. The SSH protocol uses existing SSH authentication and encryption methods (like SSH keys and/or usernames and passwords) to secure its traffic. And the TLS and DTLS protocols use X.509 certificates for securing its traffic. Hopefully this will be supported by most devices soon.
- Another way of securing SNMP is to implement a Kerberos security model for SNMPv3. Although Net-SNMP contains a prototype implementation of this, the work was never finished within the IETF nor within the Net-SNMP implementation and is not yet ready for real-world use.
- Effective Project Management through ‘do.com’
- Ping: How to turn off ICMP ECHO Response on Linux Server
- Character Encoding: Convert from UTF-8 to ISO-8859-1
- Change Login Shell of Linux User
This post appeared on the softlexicon.com by Sumit Goel. Copyright © 2012 – softlexicon.com and Sumit Goel. All rights reserved. Not to be reproduced for commercial purposes without written permission.