SNMP is often used to gather statistics and remotely monitor network
infrastructure devices. It is a simple protocol whose early versions provide
inadequate security. In SNMPv1, community strings, which act as passwords, are
sent in clear text and can easily be captured by anyone eavesdropping on the
wire. These community strings are the only credential used to authenticate
messages exchanged between the SNMP manager and the agent.
SNMPv2 was meant to address some of the known security weaknesses of SNMPv1.
The original party-based SNMPv2 (SNMPv2p) specified MD5-based authentication of
messages between the SNMP manager and the agent, but that design was never
widely deployed. The SNMPv2 that most networks actually run is community-based
SNMPv2c, which sends its community strings in clear text exactly as SNMPv1
does. Real message authentication (keyed HMAC-MD5 or HMAC-SHA) and encryption
arrived only with SNMPv3 and its User-based Security Model.
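To make the clear-text point concrete, here is an added example (written for this edit, not taken from the page or from any SNMP implementation): a minimal BER decoder that pulls the version, community string, PDU type and requested OIDs out of an SNMPv1 or SNMPv2c datagram, which is exactly what a passive listener on UDP/161 sees. The two packets are constructed by hand for the example, not real captures; the version numbers and PDU tags are those defined in the SNMP specifications.

```python
# Added example: decode SNMPv1/v2c messages and recover the clear-text community
# string. Sample packets below are constructed by hand, not real captures.

VERSIONS = {0: "SNMPv1", 1: "SNMPv2c", 3: "SNMPv3"}
PDU_NAMES = {0xA0: "GetRequest", 0xA1: "GetNextRequest", 0xA2: "GetResponse",
             0xA3: "SetRequest", 0xA4: "Trap", 0xA5: "GetBulkRequest",
             0xA6: "InformRequest", 0xA7: "SNMPv2-Trap"}

# SNMPv1 GetRequest for sysDescr.0 with the read community "public" (constructed).
SNMPV1_GET = bytes.fromhex(
    "30 27"                          # SEQUENCE, 39 bytes follow
    "02 01 00"                       #   INTEGER version = 0 (SNMPv1)
    "04 06 70 75 62 6c 69 63"        #   OCTET STRING community = "public"
    "a0 1a"                          #   [0] GetRequest-PDU, 26 bytes
    "02 02 12 34"                    #     request-id = 0x1234
    "02 01 00"                       #     error-status = noError
    "02 01 00"                       #     error-index = 0
    "30 0e"                          #     VarBindList
    "30 0c"                          #       VarBind
    "06 08 2b 06 01 02 01 01 01 00"  #         OID 1.3.6.1.2.1.1.1.0 (sysDescr.0)
    "05 00"                          #         NULL: value is being requested
)

# SNMPv2c SetRequest writing sysContact.0 with the write community "private"
# (constructed). Only the version byte differs from the v1 header.
SNMPV2C_SET = bytes.fromhex(
    "30 28"                          # SEQUENCE, 40 bytes follow
    "02 01 01"                       #   INTEGER version = 1 (SNMPv2c)
    "04 07 70 72 69 76 61 74 65"     #   OCTET STRING community = "private"
    "a3 1a"                          #   [3] SetRequest-PDU, 26 bytes
    "02 01 05"                       #     request-id = 5
    "02 01 00"                       #     error-status = noError
    "02 01 00"                       #     error-index = 0
    "30 0f"                          #     VarBindList
    "30 0d"                          #       VarBind
    "06 08 2b 06 01 02 01 01 04 00"  #         OID 1.3.6.1.2.1.1.4.0 (sysContact.0)
    "04 01 78"                       #         OCTET STRING "x": the new value
)


def _read_tlv(buf, pos):
    """Decode one BER tag-length-value at buf[pos]; return (tag, value, next_pos)."""
    if pos + 2 > len(buf):
        raise ValueError("truncated BER header")
    tag, length, pos = buf[pos], buf[pos + 1], pos + 2
    if length & 0x80:                       # long-form length (0x81..0x84)
        nbytes = length & 0x7F
        if nbytes == 0 or nbytes > 4 or pos + nbytes > len(buf):
            raise ValueError("unsupported or truncated BER length")
        length = int.from_bytes(buf[pos:pos + nbytes], "big")
        pos += nbytes
    end = pos + length
    if end > len(buf):
        raise ValueError("truncated BER value")
    return tag, buf[pos:end], end


def _children(value):
    """Split the contents of a constructed element into (tag, value) pairs."""
    out, pos = [], 0
    while pos < len(value):
        tag, val, pos = _read_tlv(value, pos)
        out.append((tag, val))
    return out


def _decode_oid(value):
    """Decode a BER OBJECT IDENTIFIER value into dotted notation."""
    arcs = [value[0] // 40, value[0] % 40]  # first byte packs the first two arcs
    n = 0
    for b in value[1:]:                     # base-128 arcs, high bit = continue
        n = (n << 7) | (b & 0x7F)
        if not b & 0x80:
            arcs.append(n)
            n = 0
    return ".".join(str(a) for a in arcs)


def parse_community_message(data):
    """Return the clear-text header fields of an SNMPv1 or SNMPv2c message."""
    tag, body, _ = _read_tlv(data, 0)
    if tag != 0x30:
        raise ValueError("not an SNMP message (outer SEQUENCE missing)")
    (_, vval), (_, cval), (ptag, pval) = _children(body)[:3]
    version = int.from_bytes(vval, "big", signed=True)
    if version == 3:
        raise ValueError("SNMPv3 carries USM security parameters here, not a community")
    pdu = _children(pval)
    if ptag == 0xA4:                        # v1 Trap-PDU has no request-id and
        request_id, varbinds = None, pdu[5][1]  # keeps its varbinds in field six
    else:
        request_id, varbinds = int.from_bytes(pdu[0][1], "big", signed=True), pdu[3][1]
    oids = [_decode_oid(_children(vb)[0][1]) for _, vb in _children(varbinds)]
    return {"version": VERSIONS.get(version, version), "pdu": PDU_NAMES.get(ptag, "0x%02x" % ptag),
            "community": cval.decode("ascii", errors="replace"),
            "request_id": request_id, "oids": oids}


if __name__ == "__main__":
    for pkt in (SNMPV1_GET, SNMPV2C_SET):
        print(parse_community_message(pkt))
```

The SNMPv2c packet decodes through the same code path as the SNMPv1 one: only the version byte changes, and the write community "private" is just as visible as the read community, so a single captured SetRequest hands an eavesdropper the credential needed to reconfigure the device.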
Beyond the clear-text community string, SNMPv1 (and likewise SNMPv2c) has no
authentication mechanism at all, which leaves it vulnerable to a variety of
security threats. These include the following:
- Masquerading
- Modification of information
- Message sequence and timing modifications
- Disclosure
Masquerading consists of an unauthorized entity attempting to perform
management operations by assuming the identity of an authorized management
entity.
Modification of information involves an unauthorized entity
attempting to alter a message generated by an authorized entity so that the
message results in unauthorized accounting management or configuration
management operations.
Message sequence and timing modifications occur
when an unauthorized entity reorders, delays, or copies and later replays a
message generated by an authorized entity.
Disclosure occurs when an
unauthorized entity extracts values stored in managed objects, or learns of
notifiable events by monitoring exchanges between managers and agents.
Because SNMPv1 and SNMPv2c provide no real authentication, many vendors do not
implement set operations or ship with them disabled, and many administrators
configure read-only community strings, thereby reducing SNMP to a monitoring
facility.
Whenever possible, configure filters or access lists so that only specified
management hosts have SNMP access to devices, replace vendor default community
strings such as public and private, and prefer SNMPv3 with authentication and
privacy where the devices support it. If SNMP is not in use, disable the
service.