Penetration Testing mailing list archives
Re: SNMP Testing
From: "L. Walker" <lwalker () magi net au>
Date: Thu, 17 Mar 2005 16:26:04 +1100
On Thu, 2005-03-17 at 04:51 +0000, Gregory Bell wrote:
Hello all, I was wondering if anyone could point me to some good resources on pen testing SNMP. We have 2 main reasons for wanted these resources/tools: 1)identifying possible vulnerabilities exposed with various SNMP implemenations 2)Correlate actual malicious/suspicious SNMP traffic in our IDS to better identify false positives associated with various SNMP related signatures. I'd appreciate any help you can give. Thanks, --Greg
I'd look at information disclosure - a lot of default/insecure installations will allow you to gleam information off routers and other network devices simply by querying SNMP on that given device. snmpwalk is one application you can find to help you do the deed, so to speak. I'd also use gateways, and dedicated NIDS/IDS/IPS systems to help track and locate SNMP traffic and any other traffic on your network - keep in mind, it really depends how you've designed your network to begin with as to where you're going to place hardware designed to keep track of the entire network. -- L. Walker Administrator / Consultant Blog: http://magi.net.au
Current thread:
- SNMP Testing Gregory Bell (Mar 16)
- Re: SNMP Testing L. Walker (Mar 17)
- Re: SNMP Testing brtw2003 (Mar 17)
- Re: SNMP Testing Peter Wood (Mar 17)
- RE: SNMP Testing Clement Dupuis (Mar 17)
- <Possible follow-ups>
- Re: SNMP Testing Jeff Bryner (Mar 18)
- Re: SNMP Testing Enrico Nardelli (Mar 20)
- RE: SNMP Testing Jeff Gercken (Mar 21)