Another post in the records for the tech blog, this time all about opensource network monitoring with LibreNMS!

  • slazer2au
    link
    fedilink
    English
    5
    edit-2
    19 days ago

    I only have one issue with the post.

    The conclusion says use long random SNMP community strings.

    Ideally you should be using SNMPv3 because snmp1/2/2c are all clear text.

    Apart from that, nice article

    • StarkZarnOP
      link
      fedilink
      English
      719 days ago

      You are absolutely correct, thank you. Sadly a bunch of devices still don’t support it, even in 2025 (like my microtik switch) for example. I will absolutely add a note about that though, thank you!

      • StarkZarnOP
        link
        fedilink
        English
        519 days ago

        Updated the post to reflect your feedback here. Thank you!

      • slazer2au
        link
        fedilink
        English
        119 days ago

        Really? SNMPv3 was ratified in 1998. How does anyone take them seriously without it?

        • StarkZarnOP
          link
          fedilink
          English
          619 days ago

          And IPv6 was codified in RFCs and first addresses issued in 1999 but look where we are now. I’d bet your corporate network doesn’t use IPv6 still. It’s unfortunate, but sometimes the wheels of change are slow.

          • slazer2au
            link
            fedilink
            English
            219 days ago

            My home, work, and mobile networks are all dual stacked.

            This is a difference in kind. IPv4 live was extended with Nat and cgnat, but nothing equivalent came for snmp.

            • StarkZarnOP
              link
              fedilink
              English
              619 days ago

              Hey good for you, that’s awesome! My home network is also dual stacked.

              You’re right about the apples to oranges comparison, but it’s not so wildly off, because the commentary is on adoption of new standards, regardless of bolt-on “fixes.” Unauthenticated SNMP went through three revisions prior to adding authentication and encryption support.