Bugtraq mailing list archives
Re: ISS Security Advisory: Hidden community string in SNMP
From: sugarat () THUNDERHOLD SUGARAT NET (sugarat)
Date: Mon, 16 Nov 1998 16:49:58 -0500
I am seeing the same results on a 2.6 and a 2.5.1 system with B.5.01 NNM installed.

matt
Do you only see the output when you are on the local machine? How about from spoofed 127.0.0.1 packets? Is sending a reset from 127.0.0.1 enough to make the host think it is the local machine? If so, then a local firewall, not permitting 127 packets from outside the machine is necessary, and even then you better trust the people who have access to the box itself.

We have tried a box, Solaris 2.6 patched to current (current as of September), that is running the default Sun snmpd binary. The hidden community "all private" worked from local and remote machines.

I'm not quite sure what we're going to do about this, but on non-critical boxes, ie: the ones we watch only for cold start traps, we have turned off snmpd and use shell scripts that call snmptrap to send the traps we need to receive.

If anybody else has any solutions, I'm sure we'd all love to hear them.

-Tim

--
Timothy Kennedy | Erol's Internet Service
Network Administrator | 1-703-321-8000 ext. 2224
sugarat () erols com | http://www.erols.com
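The workaround described in the message above (snmpd switched off, a script calling snmptrap for the cold start trap), sketched as an added example that is not part of the original post. It assumes Net-SNMP's snmptrap and Linux net-tools `netstat -aun` columns; the addresses, community and enterprise OID are placeholders.

```shell
#!/bin/sh
# Added example, not from the original post. Assumes Linux net-tools
# `netstat -aun` columns and Net-SNMP's snmptrap; all values are placeholders.
MANAGER="${MANAGER:-192.0.2.10}"               # trap receiver (hypothetical)
AGENT_ADDR="${AGENT_ADDR:-192.0.2.20}"         # this host's address (hypothetical)
COMMUNITY="${COMMUNITY:-trap-only}"            # trap community (hypothetical)
ENTERPRISE="${ENTERPRISE:-1.3.6.1.4.1.99999}"  # enterprise OID (hypothetical)

# Constructed sample socket tables (Proto Recv-Q Send-Q Local Foreign State).
SAMPLE_AGENT_UP='udp        0      0 0.0.0.0:161       0.0.0.0:*
udp        0      0 0.0.0.0:514       0.0.0.0:*'
SAMPLE_AGENT_DOWN='udp        0      0 0.0.0.0:514       0.0.0.0:*
udp        0      0 10.0.0.5:40161    192.0.2.10:161    ESTABLISHED'

# stdin: netstat lines. Succeeds if a UDP socket is bound locally to port 161,
# i.e. an SNMP agent is still reachable. Only the local-address column ($4)
# is checked, so outbound traffic to a remote port 161 does not count.
agent_listening() {
    awk 'tolower($1) ~ /^udp/ && $4 ~ /:161$/ { found = 1 }
         END { exit !found }'
}

# Sends an SNMPv1 coldStart trap (generic 0, specific 0, uptime 0).
# With DRY_RUN set, prints the command instead of running it.
send_coldstart() {
    set -- snmptrap -v 1 -c "$COMMUNITY" "$MANAGER" \
        "$ENTERPRISE" "$AGENT_ADDR" 0 0 0
    if [ -n "${DRY_RUN:-}" ]; then echo "$*"; else "$@"; fi
}

# stdin: netstat lines. Refuses to report a clean boot while the agent is up.
report_boot() {
    if agent_listening; then
        echo "udp/161 is still bound: disable snmpd before relying on traps" >&2
        return 1
    fi
    send_coldstart
}

# Real use from a boot script: netstat -aun | report_boot
if [ "${1:-}" = "--run" ]; then netstat -aun | report_boot; fi
```

Run with `DRY_RUN=1` first to see the trap command that would be sent.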