First page Back Continue Last page Overview Graphics
SNMP: Three Versions
Version 1 – RFC 1157, May 1990.
Version 2 – RFC 1906, January 1996 – is just an extension of version 1.
- Version 1 & 2 are in clear text! Ack!
- “For all practical purposes, security is the only issue SNMPv3 addresses; there are no other changes to the protocol.” -- Essential SNMP, Appendix F.
Essential SNMP lists over 150 RFCs... Very thought out!
Notes:
II. SNMP: Three Versions
A. Version 1 was very simple.
i. CERT® Advisory CA-2002-03 Multiple Vulnerabilities in Many Implementations of the Simple Network Management Protocol (SNMP)
a) Original release date: February 12, 2002
b) Last revised: May 24, 2005
c) The Oulu University Secure Programming Group reported numerous vulnerabilities in SNMPv1 request and trap handling implementations from many different vendors.
d) http://www.cert.org/advisories/CA-2002-03.html
B. Version 2 is just an extension of version 1. It just extended the data types, provided some more data that one could query and slightly changed the idea behind traps.
C. Version 1 & 2 are in clear text. Network snoopers can read your community names! “For all practical purposes, security is the only issue SNMPv3 addresses; there are no other changes to the protocol.”
i. “Although Version 3 is an important step forward, you can almost certainly ignore this; very few vendors support v3. Version 3 is discussed in Appendix F, `SNMPv3`.” -- Section 7.3.4.1 of Essential SNMP.
ii. Windows XP Embedded with Service Pack 2 (February 10, 2005)
a) http://msdn.microsoft.com/chats/transcripts/mobileembedded/xpesp2_050210.aspx
b) JKremer_MSFT (Expert):
c) Q: When will SNMP v3 be available for XPe? Will it be installable like a hot fix or security update? Or, will it be only for development systems?
d) A: I'm not sure what implementation of SNMP technology you're referring to. What's the scenario you're looking to enable?
iii. Microsoft Operations Manager Executive Chat (March 9, 2005)
a) http://www.microsoft.com/technet/community/chats/trans/mom/mom_05_0309.mspx
b) BaelsonD_MS (Expert):
c) Q: will the platform adopt SNMPv3 or will we need to continue suplementing SNMPv2 with alternative security methods?
A: Sorry, answered the wrong question there. You will need to supplement SNMPv2 for now. We have had little request to support SNMPv3, but this is your chance to really make your voice heard!!!
D. There are numerous Internet Engineering Task Force Request For Comments (RFC) documents that deal with SNMP: Essential SNMP lists over 150 RFCs in one appendix that define SNMP versions, agent extensions and management information base modules. The protocol is very thought out!