Security Incidents mailing list archives

Re: Windows 2k SNMP Wonkiness Poll


From: Valdis.Kletnieks () vt edu
Date: Thu, 14 Feb 2002 01:38:47 -0500

On Thu, 14 Feb 2002 00:01:04 +0100, Filip Jonckers <fjonckers () Interconnect be> said:
> A lot of server installations NEED snmp service installed...
> ...
> just try to manage a network with a few hundred devices (or even a few
> dozen) without SNMP .....

I feel your pain - my machine room is over 1/4 acre. ;)

However, if you didn't know your box was running SNMP, it's a pretty
safe bet that it's not being monitored by your network management tools ;)

Unfortunately, I'm willing to bet that not more than 5% of the
hosts that are running SNMP are actually being managed by some
tool like that, and that 3/4 of THOSE didn't change the community
names.  Which means that the *other* 97% are just waiting to get
burned by the next exploit....

And I'm also willing to bet that we'll see a poly-lingual exploit,
that is willing to attack either Wintel or one or more Unixoid
systems.  After all - you *can* ask your victim how they'd prefer
to be exploited (although I'm doubtful we'll see a printer-based
variant).

                                Valdis Kletnieks
                                Computer Systems Senior Engineer
                                Virginia Tech

----------------------------------------------------------------------------
This list is provided by the SecurityFocus ARIS analyzer service.
For more information on this free incident handling, management 
and tracking system please see: http://aris.securityfocus.com

