Cisco Systems Dial NMS User Manual
Overview of Basic SNMP Building Blocks
About SNMP Security
Basic Dial NMS Implementation Guide
About SNMP Security
SNMP lacks authentication capabilities, which results in a variety of security threats:
Masquerading—An unauthorized entity attempting to perform management operations by
assuming the identity of an authorized management entity.
assuming the identity of an authorized management entity.
Modification of information—An unauthorized entity attempting to alter a message generated by
an authorized entity, so the message results in unauthorized accounting management or
configuration management operations.
an authorized entity, so the message results in unauthorized accounting management or
configuration management operations.
Message sequence and timing modifications—Occurs when an unauthorized entity reorders,
delays, or copies and later replays a message generated by an authorized entity.
delays, or copies and later replays a message generated by an authorized entity.
Disclosure—Results when an unauthorized entity extracts values stored in managed objects.
The entity can also learn of notifiable events by monitoring exchanges between managers and
agents.
The entity can also learn of notifiable events by monitoring exchanges between managers and
agents.
Note
Because SNMP does not implement authentication, many vendors do not implement Set
operations, which reduce SNMP to a monitoring facility.
operations, which reduce SNMP to a monitoring facility.