Note
Access to this page requires authorization. You can try signing in or changing directories.
Access to this page requires authorization. You can try changing directories.
Applies To: Windows Server 2003, Windows Server 2003 R2, Windows Server 2003 with SP1, Windows Server 2003 with SP2
- Make sure that you monitor and update the host name settings on an ongoing basis. This will help ensure timely detection of any unauthorized access.
- When you configure security options, do not click Accept packets from any host.
- Take advantage of SNMP security checking by configuring authentication traps on all SNMP agents.
- If you will be monitoring service-specific components, such as Dynamic Host Configuration Protocol (DHCP) or Windows Internet Name Service (WINS), verify that these services have been successfully installed and configured.
Reduce the risk of internal attacks by configuring the SNMP agent systems to reject request messages from unauthorized management systems. For security purposes, use Internet Protocol security (IPSec) to secure SNMP messages by creating filter specifications in the appropriate IP filter list between SNMP management systems and agents.
Remember that SNMP is an insecure protocol.
If you decide to use SNMP to manage networks, remember that SNMP is an insecure protocol whose effectiveness depends solely on how you implement it.