0
1

[–] NoBroken 0 points 1 point (+1|-0) ago 

Don't use v2 Do use v3

v2 and secure don't belong together

:)

What are you configuring this on out of curiosity?

0
0

[–] jcdouglas [S] ago 

On a VM with LibreNMS/OpenNMS. I know I read somewhere that v1 is never supposed to be used. Most of the devices I have access to use v2c or v2c & v3. I guess I should be asking if SNMP is even worth learning.

0
0

[–] NoBroken ago 

There's not a significant difference in security or operation between v1 and v2. SNMP is definitely worth learning if you're managing any kind of networked devices. Lots of people still haven't taken the effort to learn v3 but it's really not that bad.

0
1

[–] SirusCloud 0 points 1 point (+1|-0) ago 

As a pentester by trade I strongly suggest never using snmp, it's a massive info leak if your network is ever breached. There's no good reason for it if you're concerned about security.

0
0

[–] jcdouglas [S] ago 

As a pentest fan, I agree, however I hate being ignorant about something just because of it's security implications. What would you suggest as an alternative for monitoring of network/server infrastructure?

0
0

[–] SirusCloud ago 

Syslogs go alright. If you setup graylog it can structure all the input for you in pretty graphs and stuff.

0
0

[–] oddmeta ago 

How do you feel about SNMPv3?

0
0

[–] SirusCloud ago 

Well, yeah OK, it's secure enough.