From: Praveen Bahethi (pbahethi@xxxxxxxxxxxxxxxxxxx)
Date: Wed Feb 13 2002 - 14:51:33 GMT-3
Matt,
SNMP v2, in the vernacular of a good friend, a 'speedbump in the Information
Highway.' SNMP v3 is out and has great features such as encryption and
levels of access/ security. The only problem is a variety of products don't
support it, to date I believe CiscoWorks 2000, where are good MIB writers
when you need them.
To get around the inherent problems with SNMPv1, I recommend running IPSEC
tunnels for SNMP to be encapsulated/encrypted in to your management devices.
Is this a pain in the rear, yes! But it stops a sniffer cold in reviewing
the passwords.
V/R,
Praveen
----- Original Message -----
From: "Matt Wagner" <miguknom@hotmail.com>
To: <ccielab@groupstudy.com>
Sent: Wednesday, February 13, 2002 11:19 AM
Subject: OT (again): SNMP warning from CERT yesterday
> Also, CERT only says that the problem is with SNMPv1, but Cisco just says
> SNMP. Does anyone know whether the vulnerability applies to v2?
>
> Matt
>
This archive was generated by hypermail 2.1.4 : Thu Jun 20 2002 - 13:46:21 GMT-3