by Melisa LaBancz

With an overwhelming influx of devices wanting to connect to the Internet, SNMP 1.0 was developed to standardize their management. Envisioned as a type of protocol to allow for a central management station, all devices would have a small agent on them that would listen for the requests from the manager. With agents sending their data back in the form of ‘traps’ to the manager, this left a two-way communication string that has evident possibilities of error and disruption.

The Oulu protocol test team in Finland set out to discover what would happen if the agent sent the manager a bad trap. Conversely, they tested the manager’s communication by disrupting field lengths and viability. What they found in SNMP 1.0 was fairly shocking. The number of flaws found in any number of directions on the parameters, both on the agent and the manager sides, was much more than they could have anticipated.

Most companies are still shipping SNMP version 1.0, which provides default community strings, public and private, that unless changed allow a hacker easy access in contacting corporate agents still using the standard defaults.

For the full text of this article, click here: http://www.infosecnews.com/opinion/2002/05/15_02.htm

[personally, i think this is a bit over-hyped; smnp is not a time bomb. it is merely something that will, does, and always has, sucked. the protocol is too large, the asn.1 component too burdensome and complex, and frankly much better things can be done. i prefer to wholesale avoid it – alec]