Nmap Development mailing list archives
Re: Determining UDP 161 port (SNMP) status using SNMPv3
From: Fyodor <fyodor () insecure org>
Date: Tue, 17 Jun 2008 16:14:06 -0700
On Tue, Jun 17, 2008 at 06:07:42PM -0500, Tom Sellers wrote:
If I understand correctly when it comes to UDP ports everything is pretty much considered open|filtered unless an ICMP response flags it as closed or a service response indicates that it is open.
Yeah, that is basically how it works.
I believe that we can augment this port status detection by adding a SNMPv3 probe. In my experience SNMPv3, when provided
That would be great! Maybe it will help provide useful version detection information as well.
1. This is essentially a login attempt. I know that the SNMPv1 probe tries to use"public" but I don't know if people will consider this the same.
I think that is OK. I've never heard any complaints about the current SNMP query which, as you noted, tries the public community string.
2. Would this be more appropriate as a NSE script as it could be flagged as "auth" and only run when that is ok?
I think it would be better as version detection. That is more efficient (to write/maintain as well as to execute). And this is a version detection purpose.
3. If using this probe is ok, what username should be used? I have been considering using either "public" or null.
Whichever one is most likely to work the best. Unfortunately I'm not sure what that would be. Cheers, -F _______________________________________________ Sent through the nmap-dev mailing list http://cgi.insecure.org/mailman/listinfo/nmap-dev Archived at http://SecLists.Org
Current thread:
- Determining UDP 161 port (SNMP) status using SNMPv3 Tom Sellers (Jun 17)
- Re: Determining UDP 161 port (SNMP) status using SNMPv3 Fyodor (Jun 17)
- Re: Determining UDP 161 port (SNMP) status using SNMPv3 Tom Sellers (Jun 17)
- Re: Determining UDP 161 port (SNMP) status using SNMPv3 Fyodor (Jun 18)
- Re: Determining UDP 161 port (SNMP) status using SNMPv3 Tom Sellers (Jun 18)
- Re: Determining UDP 161 port (SNMP) status using SNMPv3 - Update patch Tom Sellers (Jun 21)
- Re: Determining UDP 161 port (SNMP) status using SNMPv3 - Update patch Fyodor (Jun 28)
- Re: Determining UDP 161 port (SNMP) status using SNMPv3 Tom Sellers (Jun 17)
- Re: Determining UDP 161 port (SNMP) status using SNMPv3 Fyodor (Jun 17)