[VOIPSEC] SNMP support for EventCorrelation/NetworkManagementSystems
Mark Teicher
mht3 at earthlink.net
Fri Feb 25 14:02:57 CST 2005
I agree SNMPV3 has the facilities to protect the content of the message, but most end point devices may not have enough capabilities to provide the extra over head to support SNMP v3.
-----Original Message-----
From: Robert Moskowitz <rgm at icsalabs.com>
Sent: Feb 25, 2005 1:51 PM
To: Chris at sip1.com, 'Mark Teicher' <mht3 at earthlink.net>, Voipsec at voipsa.org
Subject: RE: [VOIPSEC] SNMP support for EventCorrelation/NetworkManagementSystems
At 11:05 PM 2/23/2005, Christopher A. Martin wrote:
>I suspect if they are going to implement SNMP the message is getting out
>there...
>
>I would not even consider the alternatives unless there were SSL/TLS or SSH
>support of some kind to protect the confidentiality of the traps and or
>signaling as this can be valuable information to an attacker if it can be
>gained.
SNMPv3 has the facilities to protect the messages.
Note since SNMP is NOT over TCP, you can't run it thorugh SSH (Oh how I
would love to for other things. I was talking to TOmmi Lampila at SSH, and
he said, nope no UDP still).
Running UDP through SSL is kind of tricky. Some of the SSL VPNs do it.
Actually, IPsec would make hte most sense.
Robert Moskowitz
Senior Technical Director
ICSA Labs, a division of Cybertrust, Inc.
W: 248-968-9809
F: 248-968-2824
E: rgm at icsalabs.com
There's no limit to what can be accomplished
if it doesn't matter who gets the credit
More information about the Voipsec
mailing list