07-03-2013 01:48 AM - edited 03-16-2019 06:11 PM
I have just been conducted a small security review on our VoIP network. One of the issues I have found is that SNMP v2c is enabled and I know this to be a insecure protocol.
When I questioned our IT department they stated that the CUCM system does not respond to SNMP v2 commands and that SNMP agents are configured not to respond to update commands.
My understanding is that if a service is not being used it should be disabled completely. My concern is that if an attacker was able to get a foothold on our VoIP network, that they would be able to reconfigure the agents to accept SNMP commands and then use this to further attack the network. Is this possible at all and is the current solution to the problem a sufficient one? If not, what is the best way to deal with this problem if SNMP is not being used?
Sorry if this is in anyway vague.
07-04-2013 04:48 AM
Can anyone help?
07-04-2013 07:42 AM
First of all you should start mentioning all systems and version that you are using or concerned about..
Second,The response you've receioved is totally correct. If you use SNMP (and in itself that is totally optional), keep the community strings confidential, and that's it.
07-04-2013 07:49 AM
Paolo Bevilacqua wrote:
If you use SNMP (and in itself that is totally optional), keep the community strings confidential, and that's it.
And make sure no-one can sniff the traffic between your SNMP devices and SNMP manager. And most definitely don't allow updating via SNMP.
GTG
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide