[unisog] Cisco switch monitoring without SNMP
booloo at ucsc.edu
Tue Oct 17 16:34:46 GMT 2006
> Replacing "old" equipment may be quite expensive. I would feel quite
> uncomfortable using only source IP filtering and a community string
> that could be sniffed for anything but a temporary or stop-gap
> solution. Once it gets sniffed or guessed it's game over.
If you're talking about a read-write community string, I'd agree.
However, I don't think the same can be said for a read-only community
string. Source IP filtering is quite effective when used with a read-only
community string. It means that only the permitted systems/subnets will
be able to reap SNMP data, even in the face of a miscreant discovering the
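An added example, not part of the original post: a small Python audit that checks a Cisco IOS configuration for the two conditions discussed in this thread, namely whether each SNMP community is read-only and whether it is bound to a source-address ACL. It assumes standard numbered ACLs and the `snmp-server community <string> [view <name>] [ro|rw] [<acl>]` form; the sample configuration, community names and addresses are constructed placeholders.

```python
import re

# Constructed sample config for illustration; not taken from the thread.
SAMPLE_CONFIG = """\
access-list 10 permit 192.0.2.10
access-list 10 deny   any log
access-list 20 permit any
snmp-server community EXAMPLE-RO RO 10
snmp-server community EXAMPLE-OPEN RO
snmp-server community EXAMPLE-RW RW 10
snmp-server community EXAMPLE-ANY RO 20
"""

ACL_RE = re.compile(r"^access-list\s+(?P<id>\d+)\s+(?P<action>permit|deny)\s+(?P<src>\S+)", re.I)
COMMUNITY_RE = re.compile(
    r"^snmp-server community (?P<name>\S+)(?: view \S+)?"
    r"(?: (?P<mode>ro|rw))?(?: (?P<acl>\S+))?\s*$", re.I)

def audit(config):
    """Return {community: [issues]}; an empty list means read-only and source-filtered."""
    lines = [l.strip() for l in config.splitlines()]
    defined, permit_any = set(), set()
    for line in lines:
        m = ACL_RE.match(line)
        if m:
            defined.add(m["id"])
            if m["action"].lower() == "permit" and m["src"].lower() == "any":
                permit_any.add(m["id"])  # this ACL filters nothing
    findings = {}
    for line in lines:
        if not line.lower().startswith("snmp-server community "):
            continue
        m = COMMUNITY_RE.match(line)
        if not m:  # e.g. the ipv6 ACL form, which this sketch does not parse
            findings[line] = ["unparsed"]
            continue
        issues = []
        if (m["mode"] or "ro").lower() == "rw":  # IOS defaults to read-only
            issues.append("read-write")
        if m["acl"] is None:
            issues.append("no-acl")  # any source may query this community
        elif m["acl"] not in defined:
            issues.append("acl-undefined")  # referenced ACL is absent from this config
        elif m["acl"] in permit_any:
            issues.append("acl-permits-any")
        findings[m["name"]] = issues
    return findings

if __name__ == "__main__":
    for name, issues in audit(SAMPLE_CONFIG).items():
        print(name, "OK" if not issues else ", ".join(issues))
```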