About SNMP:

  • used to manage network resources and check their status
  • vulnerable to eavesdropping and spoofed information
  • used by hackers to gain information about the network

SNMP uses a community string password sent in clear text for authentication. Community strings are often spoofed, because the community string default is "public" and is not often changed.

  • SNMP should be blocked from entering or leaving networks.
  • SNMPv1 has authentication, but the password is still sent in the clear.
  • SNMPv2 sends an MD5 hash for authentication, and is capable of using Data Encryption Standard (DES) for encrypting messages.