Re: SNMP v2c

lenovo1987 · ‎07-03-2013

I have just been conducted a small security review on our VoIP network. One of the issues I have found is that SNMP v2c is enabled and I know this to be a insecure protocol.

When I questioned our IT department they stated that the CUCM system does not respond to SNMP v2 commands and that SNMP agents are configured not to respond to update commands.

My understanding is that if a service is not being used it should be disabled completely. My concern is that if an attacker was able to get a foothold on our VoIP network, that they would be able to reconfigure the agents to accept SNMP commands and then use this to further attack the network. Is this possible at all and is the current solution to the problem a sufficient one? If not, what is the best way to deal with this problem if SNMP is not being used?

Sorry if this is in anyway vague.

lenovo1987 · ‎07-04-2013

Can anyone help?

paolo bevilacqua · ‎07-04-2013

First of all you should start mentioning all systems and version that you are using or concerned about..

Second,The response you've receioved is totally correct. If you use SNMP (and in itself that is totally optional), keep the community strings confidential, and that's it.

Gordon Ross · ‎07-04-2013

Paolo Bevilacqua wrote:

If you use SNMP (and in itself that is totally optional), keep the community strings confidential, and that's it.

And make sure no-one can sniff the traffic between your SNMP devices and SNMP manager. And most definitely don't allow updating via SNMP.

GTG

Please rate all helpful posts.