Apologies if this is the wrong place to post, please direct me to the correct place.
I'm behind the times when it comes to SNMP and NMS systems, but I'm trying to learn to setup and use SNMP with a proper configuration (secured-ish, v2c+), however my searches for general guidelines seem to come up lacking. Also and maybe I haven't read enough but it seems SNMP configurations are arbitrary to say the least. I get that one would want to change the community names forgoing public/private default names for security purposes, but when/why would you want to use read only vs read/write settings for your community traps? Is this in relation to using different NMS/MIB systems?
Sort: Top
[–] SirusCloud 0 points 1 point 1 point (+1|-0) ago
As a pentester by trade I strongly suggest never using snmp, it's a massive info leak if your network is ever breached. There's no good reason for it if you're concerned about security.
[–] oddmeta ago
How do you feel about SNMPv3?
[–] SirusCloud ago
Well, yeah OK, it's secure enough.
[–] jcdouglas [S] ago
As a pentest fan, I agree, however I hate being ignorant about something just because of it's security implications. What would you suggest as an alternative for monitoring of network/server infrastructure?
[–] SirusCloud ago
Syslogs go alright. If you setup graylog it can structure all the input for you in pretty graphs and stuff.
[–] NoBroken 0 points 1 point 1 point (+1|-0) ago
Don't use v2 Do use v3
v2 and secure don't belong together
:)
What are you configuring this on out of curiosity?
[–] jcdouglas [S] ago
On a VM with LibreNMS/OpenNMS. I know I read somewhere that v1 is never supposed to be used. Most of the devices I have access to use v2c or v2c & v3. I guess I should be asking if SNMP is even worth learning.
[–] NoBroken ago
There's not a significant difference in security or operation between v1 and v2. SNMP is definitely worth learning if you're managing any kind of networked devices. Lots of people still haven't taken the effort to learn v3 but it's really not that bad.