[SNMP4J] AuthenticationFailure notification with invalid V3 query
Frank Fock
fock at agentpp.com
Mon Nov 16 23:49:41 CET 2009
Hi Vivi,
I have removed the generation of the authenticationFailure
trap in SNMP4J-Agent 1.3.1 to be more robust against DoS
attacks. There is no benefit from having generated these
traps.
Regards,
Frank
Vivi Zhang wrote:
> Frank:
>
> The email was send Oct 28. I have not seen reply yet. Guess it got
> lost. Let me try it again.
>
> I am trying to verify that SNMP4J will send out an authentication
> failure notification when it receives an query with bad user name, or
> bad password. Is there a way to verify the notification works with
> SNMP4j test agent?
>
> I found a thread of conversation between you and Marek on:
> http://fixunix.com/snmp/64320-wrong-authorization-alarm-trap-usm.html./
> "Indeed, AGENT++ did not generate authenticationFailure notifications
> on usmWrongDigest and usmNotInTimeWindow failures. I have fixed that bug
> and you can download the new version
> <http://fixunix.com/#> from http://www.agentpp.com"
> <http://www.agentpp.com>/
>
> I am using AgenPro 2.7.2, SNMP4J is version 1.9.3c, and SNMP4JAgent is
> version 1.2.1d. Does this version contain your fix? Or this version
> contains this bug? Is there any option I can choose during code
> generation phase to make authentication failure notification?
>
> Could you explain which error codes will trigger the notification?
>
> Thanks for your help in advance.
>
> Vivi
>
> Vivi Zhang wrote:
>> Frank:
>>
>> I wonder how to make a notification recipient receive an
>> authenticationFailure notification when an agent received an query
>> with bad user name or bad password. When agent receives a v2 query
>> with bad community string, the api SNMPv2Mib:: incrementCounter()
>> calls notify api and send out notifications. But when the agent
>> receives a v3 query with bad username, no notification is send out.
>>
>> I am using : SNMP4J is version 1.9.3c, and SNMP4JAgent is version 1.2.1d.
>>
>> This is second question. According to CHANGES.txt on snmp4j site:
>>
>> [2009-07-30] v1.3.1 (Requires SNMP4J v1.10.1)
>> ....
>> * Improved: Authentication failure traps are no longer
>> sent on usmNotInTimeWindow and usmUnknownEngineID
>> reports.
>>
>> I am wondering why? If a user has a bad username, would that cause
>> usmNotInTimeWindow error since the second part of discovery requires
>> user credential?
>>
>> Thanks.
>>
>> Vivi
>>
>>
>>
>
--
AGENT++
http://www.agentpp.com
http://www.snmp4j.com
http://www.mibexplorer.com
http://www.mibdesigner.com
More information about the SNMP4J
mailing list