[unisog] Cisco switch monitoring without SNMP
pmeunier at cerias.net
Tue Oct 17 17:45:00 GMT 2006
On Oct 17, 2006, at 12:34 PM, Mark Boolootian wrote:
>> Replacing "old" equipment may be quite expensive. I would feel quite
>> uncomfortable using only source IP filtering and a community string
>> that could be sniffed for anything but a temporary or stop-gap
>> solution. Once it gets sniffed or guessed it's game over.
> If you're talking about a read-write community string, I'd agree.
> However, I don't think the same can be said for a read-only community
> string. Source IP filtering is quite effective when used with a
> community string. It means that only the permitted systems/subnets
> will be able to reap SNMP data, even in the face of a miscreant
> discovering the read-only string.