Re: Leak of SNMP write password via SNMP read community in NETGEAR WG102 - Prosafe 802.11g Access Point
On Fri, Jan 09, 2009 at 03:25:44PM -0500, Steve Shockley wrote:
>> SNMP communities are a safety, not a security measure. I know of very few
>> SNMP implementations that have protections against brute force or
>> dictionary attacks.
> srsly? Passwords don't have much in the way of brute-force or
> dictionary attack protection, but I wouldn't put my password in my
> out-of-office message.
Most password authentication systems have a rate limit which is pretty
effective against dictionary attacks -- however SNMP implementations don't
do the same for community strings. My point is that community strings are
not passwords in the strictest sense, and people should stop treating them