I think someone just talked about how ICMP is inherently insecure and can't be secured. SNMP can be secured by using version 2 (or 3???) which uses encryption (so what you state at the end of your post is correct; you can and should configure encryption with SNMP traffic). As far as disallowing all ICMP and SNMP I would say this. First why even turn on SNMP if you are not going to use it????? Just shut it off and don't even run the service (basic security tenant is to remove unnecessary services). Second some tcp/ip functions will not work right because they depend on ICMP for error messages (apps, routers, etc). Some people are scared of ICMP because attackers can use it to map out your network. I would say this; IMHO the risk of that as compared to the benefits of having the information that ICMP delivers available to you is very worth it. There are other ways for attackers to map out your network ICMP is only one of them.
HTH, Leon -----Original Message----- From: eko yulianto [mailto:[EMAIL PROTECTED]] Sent: Thursday, November 08, 2001 11:46 PM To: [EMAIL PROTECTED] Subject: How Securing SNMP and ICMP traffic Hello, Is there anyone can telling me how to make SNMP and ICMP traffic secure? because I thought if I disallowed all snmp and icmp traffic in my network I will get headache if I have to checking connection when the network problem occur, thank's. Do I wrong if I configure every device with policy only allowed limited type or code, size, source/destination for icmp traffic and only encrypted packet for snmp traffic in my network? Thank's for any comments. Eko Yulianto IT Security Menara Asia 3rd Floor Diponegoro 101, Lippo Karawaci Tangerang, Indonesia Phone: +62.21.5460666 ext.5335 Fax: +62.21.5460660 Post Office: 15810 E-mail:[EMAIL PROTECTED]
