Under New Management: Practical Attacks on SNMPv3

Download Now
Provided by: Georgia Institute of Technology
Topic: Security
Format: PDF
Network monitoring is a necessity for both reducing downtime and ensuring rapid response in the case of software or hardware failure. Unfortunately, one of the most widely used protocols for monitoring networks, the Simple Network Management Protocol (SNMPv3), does not offer an acceptable level of confidentiality or integrity for these services. In this paper, the authors demonstrate two attacks against the most current and secure version of the protocol with authentication and encryption enabled. In particular, they demonstrate that under reasonable conditions, they can read encrypted requests and forge messages between the network monitor and the hosts it observes.
Download Now

Find By Topic