Hi all. I try read many about this protocol, but i've one simple question for all the expert that desire help me: What do you think about the use of SNMP protocol in READONLY MODE for monitor distributed geographic network with one single point (Zenoss box, in this case). I mean, is really so bad for security, in your experience, have packets that go around the network that give me the state of the machine that i monitor? Thank all, bye, Mauro.
There are a couple of concerns. One is that SNMP mibs can reveal an awful lot of information about the internal network that might not otherwise be available. Are you comfortable with giving attackers that information?
Also, suppose there is something allowing read/write mode to that snmpd... its password goes across in the clear.
Are you logging or acting on brute force attacks against the daemon?
Are you willing to trust that the daemon on that box won't end up having some sort of vulnerbaility for which an exploit could be developed leading to the root compromise of the device?
If you can get comfortable on those fronts, then it's acceptable risk... but generally speaking, it's a bad idea to allow snmp from unauthenticated anonymous internet hosts.
Cabling-Design.com Forums website is not affiliated with any of the manufacturers or service providers discussed here. All logos and trade names are the property of their respective owners.