[Nagiosplug-devel] SNMP community in host configuration

Patrick Proy nagios at proy.org
Sat Dec 18 00:57:02 CET 2004


> 
> Not me, no. The idea to use different SNMP auth-data for all 
> your snmp-enabled devices doesn't really add all that much to 
> security (if someone can get their hand on one of the 
> community strings/username:password pairs he/she can probably 
> get more from the same source, be it sniffing, social 
> engineering or what not), unless you take into account 
> bruteforce attacks, and I haven't come across a properly set 
> up network yet that does things this way.

My problem is not about security : I totally agree that giving multiple snmp
communities doesn't increase security.

The problem is that when I install Nagios in a company, I often see multiple
snmp communities because of different people managing different servers or
network equipements, or people assigning one snmp community per site,
etc.... 
And there is nothing I can do about it except telling them it's silly to do
like this.

So having snmp communities in host would make admin of Nagios much more
easy.

Patrick Proy
nagios AT proy.org 






More information about the Devel mailing list