Network Computing is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them. Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

In-House Fixes

Beware of SNMP

I found Bruce Boardman's recent review of network-monitoring software ("More Ping, Less Bling," Oct. 1, 2004) very useful. I will likely acquire my monitoring suite from his shortlist.

It appears that you can divide network-monitoring systems into two classes: those that rely on SNMP and those that require proprietary agents.

I was leaning toward SolarWinds.Net's Engineer's Edition Toolset 7, so I did a little research into the SNMP protocol. The results weren't encouraging. CERT issued a vulnerability notice, and Microsoft advises not to use SNMP at all if the machine is exposed to the Internet.

Is a system like Neon Software's LANsurveyor, which uses proprietary agents, inherently more secure? Or am I safe with an SNMP-based system, as long as the SNMP services are running behind a firewall?

  • 1