
[Agentx] SNMP v3 Security Considerations



After having read all of the latest RFCs concerning SNMP v3, I've
noticed that there is no mention about one possible weakness when using a
combination of SNMP v3 or SNMP v3 in combination with v2 and/or v1 in a
single device.

Devices such as Cisco Switches and Routers as well as many other
vendors' devices often allow the ability to specify several types of
SNMP support in their configuration.

In that concern, I think a WARNING should be added for the following
combinatoric usage:

1) If SNMP v3 AuthPriv is used in combination with AuthNoPriv
2) If SNMP v3 AuthPriv is used in combination with NoAuthNoPriv
3) If SNMP v3 AuthPriv is used in combination with SNMP v2c
4) If SNMP v3 AuthPriv is used in combination with SNMP v1

All 4 of the above combinations include Encrypted data as well as
PlainText data.

If any device is configured simultaneously with any one or more of the
above combinations, they will be virtually giving away their Encryption
Key because if a device is configured with any PlainText alongside
Encrypted text, it will make it very easy to crack the key!

As such, a WARNING against such usage should be included in one or more
of the latest SNMP v3 RFCs where Encryption is mentioned.

Sincerely,
Walter Benton
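
A configuration check for the four combinations listed in the message, as an added example that is not part of the original post: it scans Cisco IOS-style `snmp-server` lines and reports which weaker modes are enabled alongside AuthPriv. The sample configuration, group names and community string are constructed, and treating a `snmp-server community` line as enabling both v1 and v2c is an assumption of this example.

```python
import re

# Constructed sample in Cisco IOS style; group names and community string are made up.
SAMPLE_CONFIG = """\
snmp-server group OPS v3 priv
snmp-server group MON v3 auth
snmp-server group LEGACY v3 noauth
snmp-server community examplestring RO
snmp-server group OLDNMS v1
"""

# IOS keyword -> SNMP v3 security level as named in the message
V3_LEVELS = {"priv": "AuthPriv", "auth": "AuthNoPriv", "noauth": "NoAuthNoPriv"}
# Weaker modes in the order of items 1-4 in the message
WEAKER = ("AuthNoPriv", "NoAuthNoPriv", "SNMP v2c", "SNMP v1")

GROUP_RE = re.compile(
    r"^\s*snmp-server\s+group\s+\S+\s+(v1|v2c|v3)(?:\s+(priv|auth|noauth))?\b")
COMMUNITY_RE = re.compile(r"^\s*snmp-server\s+community\s+\S+")


def enabled_modes(config_text):
    """Return {mode: [line numbers]} for every SNMP mode the config enables."""
    modes = {}
    for lineno, line in enumerate(config_text.splitlines(), 1):
        m = GROUP_RE.match(line)
        if m:
            version, level = m.groups()
            if version == "v3":
                if level is None:      # no security level given: not classifiable
                    continue
                mode = V3_LEVELS[level]
            else:
                mode = "SNMP " + version
            modes.setdefault(mode, []).append(lineno)
        elif COMMUNITY_RE.match(line):
            # Assumption: a community string grants both v1 and v2c access.
            for mode in ("SNMP v1", "SNMP v2c"):
                modes.setdefault(mode, []).append(lineno)
    return modes


def mixed_mode_findings(config_text):
    """List (item number, weaker mode, line numbers) coexisting with AuthPriv."""
    modes = enabled_modes(config_text)
    if "AuthPriv" not in modes:
        return []
    return [(i, w, modes[w]) for i, w in enumerate(WEAKER, 1) if w in modes]


if __name__ == "__main__":
    for item, mode, lines in mixed_mode_findings(SAMPLE_CONFIG):
        print(f"combination {item}: AuthPriv with {mode} (config lines {lines})")
```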