Security Incidents mailing list archives
RE: SNMP vulnerability test?
From: "Ralph Los" <RLos () enteredge com>
Date: Wed, 13 Feb 2002 15:55:15 -0500
I can confirm, at least from our CD Set (Retail Win2k Server), that SNMP is installed by DEFAULT and listening. Scares you, doesn't it? ----------------------------------------| Ralph M. Los Sr. Security Consultant and Trainer EnterEdge Technology, L.L.C. rlos () enteredge com (770) 955-9899 x.206 ----------------------------------------| ::-----Original Message----- ::From: Valdis.Kletnieks () vt edu [mailto:Valdis.Kletnieks () vt edu] ::Sent: Wednesday, February 13, 2002 1:25 PM ::To: Eric Brandwine ::Cc: Davis Ray Sickmon, Jr; incidents () lists securityfocus com ::Subject: Re: SNMP vulnerability test? :: :: ::On Wed, 13 Feb 2002 18:19:08 GMT, Eric Brandwine said: ::> Win2k Server does install and listen on snmpv1, public by ::default (at ::> least our CDs of it do). I have no idea how or why it was enabled, ::> but a little quick scanning turned up some scary results. :: ::Thrills. Can anybody confirm this? Does Eric have wonky ::install CDs, or was the Microsoft portion of the CERT ::advisory incorrect? :: ::/Valdis :: :: ---------------------------------------------------------------------------- This list is provided by the SecurityFocus ARIS analyzer service. For more information on this free incident handling, management and tracking system please see: http://aris.securityfocus.com
Current thread:
- RE: SNMP vulnerability test? Jason Craig (Feb 13)
- <Possible follow-ups>
- RE: SNMP vulnerability test? Ralph Los (Feb 13)
- Re: SNMP vulnerability test? Kevin Moon (Feb 13)
- RE: SNMP vulnerability test? Filip Jonckers (Feb 13)
- RE: SNMP vulnerability test? Matthew LaGrange (Feb 13)