10 comments

[ 8.4 ms ] story [ 32.9 ms ] thread
When I worked at a company that made some networking equipment SNMP was a constant problem, security, bugs that crash the device and so on.

It became clear to me over time that the pattern at that company was to direct the less great engineering resources to SNMP...

You're secure if you don't expose SNMP. Can't believe there are that many devices out there with that exposed though.
The "yet another mortal security flaw in Cisco..." stories never seem to end.

Daydream: Journalists start ending such articles with "This is the Nth critical security flaw for Cisco in just the past year. Network security professionals we spoke to agree that network equipment vendors X, Y, and Z all have far better track records than Cisco."

I guess that `no snmp-server` is enough to be protected. Well, I hope so.
A few years ago North Korea had some Cisco routers with all ports open to the Internet, wonder if they are vulnerable.
I haven't seen a large increase in snmp scanning, but I'll keep watching... it's pretty low activity, usually.
SNMP: It's an acronym and a homonym.
I think Cisco SNMP vulnerabilities have been appearing for 20 years or more. I wish someone would add a fuzzer to their release testing script.
2M devices is a maaaaassive attack surface.

This is why zero trust networking makes sense. You can't assume the network layer is secure when the infrastructure itself is compromised.