[SNMP4J] SNMPv3 engineBoots/engineTime issue
Jochen Katz
katz at agentpp.com
Tue Aug 10 21:54:31 CEST 2010
Hi,
please see Frank's recent response with subject "Initial SNMPv3 handshake
extra step?"
> Can SNMP4J be configured to have similar behavior? Not only is the
> Net-SNMP behavior more efficient
but also it is insecure! If you are using SNMPv3 without authentication,
the NET-SNMP behaviour is ok, as everybody who is able to sniff and
insert packets can send valid responses.
But if you are using authentication, the NET-SNMP behaviour allows an
attacker to prevent all communication between agent and manager. He just
has to answer with an unknownEngineID report with a very high boot
counter. If the manager accepts this unauthenticated report it won't be
able to communicate with the agent.
Regards,
Jochen
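
The failure mode described in the message above, as an added example that is not part of the original post and is not SNMP4J or Net-SNMP code. It is a simplified model of a manager's time cache using the RFC 3414 section 3.2 step 7b timeliness rules; the class, the `learn_from_unauthenticated` flag and all values are hypothetical and constructed for illustration.

```python
# Simplified model of a manager's (non-authoritative engine's) time cache for
# one agent, following the RFC 3414 section 3.2 step 7b timeliness rules.
# Class and parameter names are hypothetical; values are constructed.
TIME_WINDOW = 150          # seconds, RFC 3414
MAX_BOOTS = 2147483647     # latched value: engine must be reconfigured


class ManagerTimeCache:
    def __init__(self, learn_from_unauthenticated):
        self.learn_from_unauthenticated = learn_from_unauthenticated
        self.boots = 0      # local notion of the agent's snmpEngineBoots
        self.time = 0       # local notion of the agent's snmpEngineTime

    def _update(self, boots, time):
        # Only ever move forward: higher boots, or same boots and later time.
        if boots > self.boots or (boots == self.boots and time > self.time):
            self.boots, self.time = boots, time

    def receive(self, boots, time, authenticated):
        """Return True if the message is processed, False if it is discarded."""
        if not authenticated:
            if self.learn_from_unauthenticated:   # the risky shortcut
                self._update(boots, time)
            return True     # reports may be unauthenticated; no time check
        self._update(boots, time)
        in_window = (self.boots != MAX_BOOTS
                     and boots >= self.boots
                     and not (boots == self.boots
                              and time < self.time - TIME_WINDOW))
        return in_window


def agent_reachable_after_spoof(learn_from_unauthenticated):
    cache = ManagerTimeCache(learn_from_unauthenticated)
    # Constructed forged report: unauthenticated, very high boot counter.
    cache.receive(boots=2_000_000_000, time=1, authenticated=False)
    # Genuine agent then answers with an authenticated message.
    return cache.receive(boots=5, time=1200, authenticated=True)


if __name__ == "__main__":
    print("shortcut enabled :", agent_reachable_after_spoof(True))
    print("shortcut disabled:", agent_reachable_after_spoof(False))
```

With the shortcut enabled the genuine agent's authenticated reply is discarded as outside the time window, because the cached boot counter can only move forward.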