[Ach] Securing SNMP
Aaron Zauner
azet at azet.org
Tue May 20 10:15:33 CEST 2014
Hi Joe,
Joe St Sauver wrote:
> include a section on hardening SNMPv3 appropriately (I don't think
> there's any discussion of SNMP current in the draft).
We've discussed this issue repeatedly: Like LOM/Remote Management SNMP
should not be available from a routed network (i.e. use a private VLAN).
There are tons of problems with that, popular vendors (dell, hp)
regularly have exploits or DDoS problems with their embedded remote
management and SNMP stacks.
Aaron
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 801 bytes
Desc: OpenPGP digital signature
URL: <http://lists.cert.at/pipermail/ach/attachments/20140520/ef074b73/attachment.sig>
More information about the Ach
mailing list