Shark Bait

Knowledge Centers

Operating Systems

Networking & Internet

Mobile & Wireless

Security

Storage

Business Intelligence

Servers & Data Center

Computerworld Reports

Industry

See your link here

Alex Scoble

Check your SNMP security

1 comment

IT TOPICS:Hardware, Management, Networking, Security, Software

Here's a good axiom to follow: By default, no device or system on your network is secure.

What do I mean by this? I mean, when you first plug in and turn on a device, just about any networked device, you must do work to secure it as the default settings are almost always not secure.

This goes for printers, switches, firewalls, laptops, desktops, servers, networked storage devices, etc.

For instance, a lot of devices these days come with Simple Network Management Protocol (SNMP) installed and running. What's even worse for the security conscious tech person, is that the Read and Write security "community" strings for SNMP are set to the default of public and private, respectively.

This is a pretty serious security hole that can be used by a hacker, once inside your network, to catalogue systems on the network or, depending on the hacked device's implementation of SNMP, do various other nefarious things to include taking control of an insecure system and using it to commit further attacks.

So do yourself a favor. Disable SNMP on all your networked devices if you aren't using it, or if you are using it, make sure you update the device with the latest patches and or firmware related to SNMP security and make sure you change the community strings from the defaults to something a lot more secure.

Email this

Digg this

What People Are Saying

Add new comment

This is good advice. The

Submitted by JHayes on September 1, 2006 - 12:09 A.M.

This is good advice. The problem for the SMB is knowing how to do this -- how to disable SMTP.

Report this comment

Linux's dirty little secret: Uninstall

Shark Tank: It's all about communication

Beware the mad scientist...

Round 6: H-1B Battle - American engineering's "April Fools"

LIVE Nov 10, 2009 12:00 PM ET

Architecting Business Intelligence Applications for Change: The Open Solution

LIVE Nov 12, 2009 02:00 PM ET

Faster, Cheaper and Easier to Maintain
Can you afford not to upgrade your servers to today's advanced, energy-efficient technologies?

Top to Bottom Performance Management Excellence at the City of Chicago
View now.

Do more with less thru Netcool?
Learn how IBM Tivoli® Netcool® solutions can help service providers streamline their operations, improve responsiveness and reduce costs.

Effectively Implementing Datacenter Automation
Effectively select and deploy the best datacenter automation solution today!

IDC report: Profitability and OSS Support: A Return on Investment Analysis of IBM Tivoli Netcool
IDC studied 14 mobile and fixed-line service providers that implemented Tivoli® Netcool® and found that IBM Tivoli Netcool can help in big ways.

Aligning IT to Business: The Rising Importance of Application Delivery Networks
Application Delivery Networking (ADN) will play a vital role in helping enterprises incorporate strategic technologies to achieve business initiatives.

All White Papers | All Webcasts