Issue with Snmp v3 security

Question

Issue with Snmp v3 security

prakashguru opened this issue 3 years ago · 2 comments

Hi,
Thanks for the great library.

I followed the samples "snmpd". It is working as expected.

But all the objects added to the objectstore are accessible without specifying any v3 user credentials!. e.g. The external snmp agent sends a v3 request with "no auth no priv" and able to walk all the object values.

Seems that is to support the v3 Discovery. https://github.com/lextudio/sharpsnmplib/blob/master/SharpSnmpLib/Security/UserRegistry.cs#L105

Is there a way to allow only the users in the user registry can access the object store?

Thanks,
Prakash

Answer 1 · 2021-12-24T14:19:13.000Z

The sample code is just for demonstration purposes. Discussions on its security risks is beyond the scope of this project.

Answer 2 · 2021-12-24T14:23:07.000Z

Thanks for the swift response. Do you have any pointers like which class I have to look for customizing this behavior?