I am seeking to secure SNMPv3 communications (e.g., RFC 3414), trying to
protect against its well-known vulnerabilities such as spoofing. Had SNMPv3 run
over TCP, instead of UDP as it does, then I perhaps may attempt to protect it
via SSH port forwarding (i.e., SSH tunneling). Coincidentally, I've just read a
description in Bob Toxen's book "Real World Linux Security" (page 141) about an
approach he has apparently used of wrapping UDP in TCP and SSH in order to
accomplish SSH port forwarding for UDP-based protocols as well. This makes me
wonder whether SNMPv3 may be a viable candidate for SSH tunneling after all. I
am wondering whether anybody in the list has any insights as to the viability
and weaknesses of this suggested approach. I am especially interested in
learning how people on this list secure SNMPv3. Thank you.