Re: SNMP security issues in D-Link DSL Broadband Modem/Router

["Maslov, Snowy" <Snowy.Maslov () fujitsu com au>]

> From: Arhont Information Security [mailto:infosec () arhont com] 
> Sent: Friday, March 28, 2003 1:32 AM
> To: bugtraq () securityfocus com
> Subject: SNMP security issues in D-Link DSL Broadband Modem/Router
>
> While performing a general security testing of a
> network, we have found several security vulnerability
> issues with the D-Link DSL Broadband Modem DSL-500

Note that there are a couple of things you can do to alleviate this
problem.

1.  Change the public and private SNMP community strings.   You can do
this by logging into the DSL router via telnet or using the serial
connection and typing the following (the password for telnet by default
is 'private' - see below):

snmp access flush                       # Flushes all access strings
snmp access read <password>             # Sets your RO community
password
snmp access write <password>            # Sets your R/W community
password
                                        # NOTE: This is also your telnet
                                        # password!  Make sure it is
kept
                                        # safe!
snmp access list                        # Always good to check ;)
config save                             # Saves configuration
restart                                 # Restarts router.

I would really recommend doing this as a matter of course anyways.

2.  You can use the built-in IP filter package to remove access from the
WAN side to TCP and UDP port 161 (and if you are not using it on the LAN
side - I'd do the same there too).