Penetration Testing mailing list archives
Re: SNMP Testing
From: brtw2003 () gmx net
Date: Thu, 17 Mar 2005 09:27:08 +0100 (MET)
hi greg, 1) -snmp v1/2c just use generic snmp tools (net-snmp, perl snmp) to play around with snmp pdu's/extensive mib walks etc. -use dictionery attacks (thc-hydra). -using vendor snmp related attacks (like hp-printers, cisco devices etc) (mostly founded in bugtraq,k-otik,securityfocus,packetstorm etc) 2) quite difficult, you need to identify your generic snmp queries in the network (usually noc/provisioning/performance mgmt etc related systems) and based on this snmp-network-map you can generate suspicious snmp related rules /bl0wf1sh
Hello all, I was wondering if anyone could point me to some good resources on pen testing SNMP. We have 2 main reasons for wanted these resources/tools: 1)identifying possible vulnerabilities exposed with various SNMP implemenations 2)Correlate actual malicious/suspicious SNMP traffic in our IDS to better identify false positives associated with various SNMP related signatures. I'd appreciate any help you can give. Thanks, --Greg
-- DSL Komplett von GMX +++ Supergünstig und stressfrei einsteigen! AKTION "Kein Einrichtungspreis" nutzen: http://www.gmx.net/de/go/dsl
Current thread:
- SNMP Testing Gregory Bell (Mar 16)
- Re: SNMP Testing L. Walker (Mar 17)
- Re: SNMP Testing brtw2003 (Mar 17)
- Re: SNMP Testing Peter Wood (Mar 17)
- RE: SNMP Testing Clement Dupuis (Mar 17)
- <Possible follow-ups>
- Re: SNMP Testing Jeff Bryner (Mar 18)
- Re: SNMP Testing Enrico Nardelli (Mar 20)
- RE: SNMP Testing Jeff Gercken (Mar 21)