0

I've been reading RFC3414 about User-based Security Model (USM) for version 3 of the Simple Network Management Protocol (SNMPv3) , and it says :

There are at least two threats that an SNMP Security Model need not protect against. The security protocols defined in this memo do not provide protection against:

  • Denial of Service This SNMP Security Model does not attempt to address the broad range of attacks by which service on behalf of authorized users is denied. Indeed, such denial-of-service attacks are in many cases indistinguishable from the type of network failures with which any viable network management protocol must cope as a matter of course.

  • Traffic Analysis This SNMP Security Model does not attempt to address traffic analysis attacks. Indeed, many traffic patterns are predictable - devices may be managed on a regular basis by a relatively small number of management applications - and therefore there is no significant advantage afforded by protecting against traffic analysis.

I didn't quite understand how SNMP need not protect against them. Can someone explain this clearly please ? Thank you very much.

G.Darcan
  • 3
  • 4
  • Except a few vendors who published their test SNMP agent on the internet, most devices are in private networks, and the risks of such threats are relatively low and manageable. – Lex Li Mar 07 '19 at 15:31
  • But why ? I don't understand that part. How is it manageable when it's in private networks? – G.Darcan Mar 12 '19 at 07:41
  • Because in a corporate network you have your own network devices where you can enforce security and log the messages. Too broad to cover the details and you need to consult a security specialist. – Lex Li Mar 12 '19 at 13:16

0 Answers0