As a pentester by trade I strongly suggest never using snmp, it's a massive info leak if your network is ever breached. There's no good reason for it if you're concerned about security.
[–]jcdouglas[S]0 points
0 points
0 points
(+0|-0)
ago
As a pentest fan, I agree, however I hate being ignorant about something just because of it's security implications. What would you suggest as an alternative for monitoring of network/server infrastructure?
[–]jcdouglas[S]0 points
0 points
0 points
(+0|-0)
ago
On a VM with LibreNMS/OpenNMS. I know I read somewhere that v1 is never supposed to be used. Most of the devices I have access to use v2c or v2c & v3. I guess I should be asking if SNMP is even worth learning.
There's not a significant difference in security or operation between v1 and v2. SNMP is definitely worth learning if you're managing any kind of networked devices. Lots of people still haven't taken the effort to learn v3 but it's really not that bad.
[–] SirusCloud 0 points 1 point 1 point (+1|-0) ago
As a pentester by trade I strongly suggest never using snmp, it's a massive info leak if your network is ever breached. There's no good reason for it if you're concerned about security.
[–] oddmeta ago
How do you feel about SNMPv3?
[–] SirusCloud ago
Well, yeah OK, it's secure enough.
[–] jcdouglas [S] ago
As a pentest fan, I agree, however I hate being ignorant about something just because of it's security implications. What would you suggest as an alternative for monitoring of network/server infrastructure?
[–] SirusCloud ago
Syslogs go alright. If you setup graylog it can structure all the input for you in pretty graphs and stuff.