[Ach] Securing SNMP
Joe St Sauver
joe at oregon.uoregon.edu
Tue May 20 02:37:10 CEST 2014
Hi,
A very interesting discussion around SNMP in the context of SCADA
security on the Infracritical SCADASEC list (see
http://www.infracritical.com/?page_id=53 ) centered around a
discussion of SNMPv3 crypto. I hadn't known that Net-SNMP uses
OpenSSL as of version 5.6. Interesting reference from that discussion:
http://www.net-snmp.org/wiki/index.php/Strong_Authentication_or_Encryption
Should https://bettercrypto.org/static/applied-crypto-hardening.pdf
include a section on hardening SNMPv3 appropriately (I don't think
there's any discussion of SNMP current in the draft).
Regards,
Joe
More information about the Ach
mailing list