Security Incidents mailing list archives
RE: SNMP vulnerability test? (fwd)
From: Chris Ess <azarin () tokimi net>
Date: Wed, 13 Feb 2002 16:55:17 -0500 (EST)
[MODERATOR: For reasons in his email below, Mr. Welsh is/was unable to post to the list. This may have some relevance on the SNMP discussion.] ---------- Forwarded message ---------- Date: Wed, 13 Feb 2002 13:47:56 -0800 From: "Welsh, Armand" <Armand.Welsh () SSCIMS com> To: Chris Ess <azarin () tokimi net> Subject: RE: SNMP vulnerability test? Compaq insight manager depends on snmp, as do most of the other equivelant server health monitoring services I have used. In fact, if you use Compaq smart start to build you OS, SNMP will be installed. Tbhis is not default for microsoft, it is default for Compaq... :) BTW: I don't have access to post to the list, because of our enoding type here, so feel free to forward this info if you like... -----Original Message----- From: Chris Ess [mailto:azarin () tokimi net] Sent: Wednesday, February 13, 2002 1:08 PM To: Valdis.Kletnieks () vt edu Cc: incidents () lists securityfocus com Subject: Re: SNMP vulnerability test?
Win2k Server does install and listen on snmpv1, public by default (at least our CDs of it do). I have no idea how or why it was enabled, but a little quick scanning turned up some scary results.Thrills. Can anybody confirm this? Does Eric have wonky install CDs,
or was the Microsoft portion of the CERT advisory incorrect?
This is what I've noticed from doing Windows 2000 Server installs on my company's set of CDs: The SNMP service is not installed by default. You have to manually select it during installation (Network Management Tools -> Simple Network Management Protocol iirc). However, if you opt to install it, then it will be nice, bright, happy, and live when the system boots. And with the default community of 'public'. Now, an interesting question is: How many OEM installs of Windows 2000 have SNMP enabled by default? Hopefully not very many... --- Chris Ess System Administrator / CDTT ( Certified Duct Tape Technician) ------------------------------------------------------------------------ ---- This list is provided by the SecurityFocus ARIS analyzer service. For more information on this free incident handling, management and tracking system please see: http://aris.securityfocus.com ---------------------------------------------------------------------------- This list is provided by the SecurityFocus ARIS analyzer service. For more information on this free incident handling, management and tracking system please see: http://aris.securityfocus.com
Current thread:
- RE: SNMP vulnerability test? (fwd) Chris Ess (Feb 13)
- RE: SNMP vulnerability test? (fwd) Damien Adams (Feb 13)