INSECURITY WARNING -- Windows Vista and W2K3 Server Do Not Support SNMP v3
OfflineMost of us know that SNMP v1 and v2 are not as secure as they can be, and that SNMP v3 is the best way to go. I have now learned that Windows Vista, and W2K3 Server, both do not support SNMP v3. Instead, Microsoft wants to sidestep this altogether and are trying to corner the market with a proprietary performance management avenue called MOM. So, for performance management of workstations and servers, Microsoft gives you two options, an older, insecure version of SNMP, or a new, proprietary protocol. Surprised?
Newer administrators might not know this. They might simply implement the SNMP, not knowing it's not SNMP v3. Unfortunately, UDP is prone to spoofing and has to be patched continuously to protect that protocol, and SNMP was designed primarily for UDP (IP) protocol. In versions of SNMP earlier than v3, the community name and other information came across the network in clear text. Therefore, it's a risk. Microsoft may want to preach how secure they are, but they can't even support SNMP v3. They do a great job of hiding the version number in their version of SNMP or letting this fact get out. Sadly, supporting SNMP v3 is an extremely easy thing to write in C++, especially if you have support for SNMP v2, but Microsoft doesn't do this because they want to push their own proprietary vendor lock-in.
Some computers may get compromised, unfortunately, because Microsoft has chosen to go this route.
And to think, Microsoft recently wanted you to consider this whole new set of products to make you think that their OS is secure:
Copyright © 2004 - 2008 Libervis Network - Some Rights Reserved :: Advertise :: Privacy Policy :: Contact
Thank you for once again exposing that microsoft doesn't care about their customers at all.
reply quote
Post new comment