[unisog] Cisco switch monitoring without SNMP

pmeunier at cerias.net
Tue Oct 17 17:45:00 GMT 2006


On Oct 17, 2006, at 12:34 PM, Mark Boolootian wrote:

>
>> Replacing "old" equipment may be quite expensive.  I would feel quite
>> uncomfortable using only source IP filtering and a community string
>> that could be sniffed for anything but a temporary or stop-gap
>> solution.  Once it gets sniffed or guessed it's game over.
>
> If you're talking about a read-write community string, I'd agree.
> However, I don't think the same can be said for a read-only community
> string.  Source IP filtering is quite effective when used with a read-only
> community string.  It means that only the permitted systems/subnets will
> be able to reap SNMP data, even in the face of a miscreant discovering the
> read-only string.
>
Agreed, thanks
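
The following is an added example, not part of the original thread: a small audit of Cisco IOS configuration text for the setup discussed above (read-only community strings restricted by a source-address ACL). The community names, addresses and ACL numbers are constructed placeholders, and only numbered standard ACLs are handled.

```python
import re

# Constructed sample IOS configuration; community names and addresses are
# placeholders, not values from the thread.
SAMPLE_CONFIG = """\
access-list 10 permit 192.0.2.10
access-list 10 deny any
access-list 30 permit any
snmp-server community EXAMPLE-RO RO 10
snmp-server community EXAMPLE-OPEN RO
snmp-server community EXAMPLE-RW RW 10
snmp-server community EXAMPLE-ANY RO 30
snmp-server community EXAMPLE-MISSING RO 20
"""

COMMUNITY_RE = re.compile(
    r"^snmp-server community (\S+)(?: view \S+)?(?: (ro|rw))?(?: (\S+))?$", re.I)
ACL_RE = re.compile(r"^access-list (\S+) (permit|deny) (.+)$", re.I)


def audit_snmp(config):
    """Return (community, finding) pairs for weak SNMP community lines."""
    lines = [line.strip() for line in config.splitlines()]
    acls = {}  # ACL number -> list of (action, source) entries
    for line in lines:
        m = ACL_RE.match(line)
        if m:
            entry = (m.group(2).lower(), m.group(3).lower())
            acls.setdefault(m.group(1), []).append(entry)
    findings = []
    for line in lines:
        m = COMMUNITY_RE.match(line)
        if not m:
            continue
        # IOS treats a community with no ro/rw keyword as read-only.
        name, mode, acl = m.group(1), (m.group(2) or "ro").lower(), m.group(3)
        if mode == "rw":
            findings.append((name, "read-write community"))
        if acl is None:
            findings.append((name, "no source ACL"))
        elif acl not in acls:
            findings.append((name, "ACL not defined in this config"))
        elif ("permit", "any") in acls[acl]:
            findings.append((name, "ACL permits any source"))
    return findings


if __name__ == "__main__":
    for name, finding in audit_snmp(SAMPLE_CONFIG):
        print(f"{name}: {finding}")
```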

