Security Incidents mailing list archives

Previous By Date Next
Previous By Thread Next

RE: SNMP vulnerability test? (fwd)

From: Chris Ess <azarin () tokimi net>
Date: Wed, 13 Feb 2002 16:55:17 -0500 (EST)
[MODERATOR: For reasons in his email below, Mr. Welsh is/was unable to
post to the list.  This may have some relevance on the SNMP discussion.]

---------- Forwarded message ----------
Date: Wed, 13 Feb 2002 13:47:56 -0800
From: "Welsh, Armand" <Armand.Welsh () SSCIMS com>
To: Chris Ess <azarin () tokimi net>
Subject: RE: SNMP vulnerability test?

Compaq insight manager depends on snmp, as do most of the other
equivelant server health monitoring services I have used.

In fact, if you use Compaq smart start to build you OS, SNMP will be
installed.  Tbhis is not default for microsoft, it is default for
Compaq... :)

BTW: I don't have access to post to the list, because of our enoding
type here, so feel free to forward this info if you like...

-----Original Message-----
From: Chris Ess [mailto:azarin () tokimi net]
Sent: Wednesday, February 13, 2002 1:08 PM
To: Valdis.Kletnieks () vt edu
Cc: incidents () lists securityfocus com
Subject: Re: SNMP vulnerability test?



Win2k Server does install and listen on snmpv1, public by default
(at least our CDs of it do).  I have no idea how or why it was
enabled, but a little quick scanning turned up some scary results.


Thrills.  Can anybody confirm this?  Does Eric have wonky install CDs,



or was the Microsoft portion of the CERT advisory incorrect?


This is what I've noticed from doing Windows 2000 Server installs on my
company's set of CDs:

The SNMP service is not installed by default.  You have to manually
select it during installation (Network Management Tools -> Simple
Network Management Protocol iirc).  However, if you opt to install it,
then it will be nice, bright, happy, and live when the system boots.
And with the default community of 'public'.

Now, an interesting question is: How many OEM installs of Windows 2000
have SNMP enabled by default?  Hopefully not very many...

---

Chris Ess
System Administrator / CDTT ( Certified Duct Tape Technician)


------------------------------------------------------------------------
----
This list is provided by the SecurityFocus ARIS analyzer service. For
more information on this free incident handling, management
and tracking system please see: http://aris.securityfocus.com



----------------------------------------------------------------------------
This list is provided by the SecurityFocus ARIS analyzer service.
For more information on this free incident handling, management 
and tracking system please see: http://aris.securityfocus.com
Previous By Date Next
Previous By Thread Next

Current thread: