« Pick up news: He may not like i-Pod...? | main | CCIE Study Memo: SNMPv3 (2) in Japanese »
March 05, 2005
CCIE Study memo: SNMPv3 (2)
It's been a while since I started to study SNMPv3. I've been pretty busy with work lately and haven't been able to find time to update this blogs. Yet, SNMP is an imporant subjet too. I should not neglect it.
SNMP may not be a huge topic for CCIE exam, but I think it is in fact a huge topic for day-to-day life of network engineers.
Anyway it does not matter what I think is important. Let's get on with my CCIE wannabe life.
I already mentinoed that there are three different security models in SNMPv3.
1.No authentication / No privacy
->No security
2.Authentication / No privacy
->message is authenticated
3.Authentication / Privacy
->message is authenticated and encrypted.
I've explained the first one before. Let's what the second one Authentication/No privacy is all about today.
First of all, what kind of security threats is this model intended to provide protection against?
1.Modification of Information
The authentication assures that a received message has not been altered in transit.
2.Masquerade
The authentication assures that a received message was sent by the principla whose identifier appears as the source in the message header.
3.Message Stream Modification
The authentication assures that a received message has not been artificially replayed or delayed.
How does authentication/no privacy model provide those protection?
Let's save it as a topic for tomorrow's entry.
author aglogin : March 5, 2005 01:36 PM