Full Disclosure mailing list archives
Re: SNMP read-only opens up... what?
From: "Jason Stout" <jasonstout () ringzerosecurity com>
Date: Wed, 04 Jun 2003 12:10:24 -0700 (PDT)
Anything in the mib tree. It depends entirely on what information the company provides in thier mibs. Standard host information can be found in the mib-2 tree while vendor specific data which could be almost anything will be in the private->enterprises->company tree. Your best bet is to use a mib walker program to browse from the top and see whats available. And my advice is too not use public as your community string. Regards, Jason Stout On Wed, 4 Jun 2003 13:44:04 -0400, lee.e.rian () census gov wrote:
Say I configure a router with a read-only SNMP community of "public" and make it Internet accessible. What vulnerabilities or information disclosure does that open up that would be better left closed? A switch? Thanks, Lee _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
_______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
Current thread:
- SNMP read-only opens up... what? lee . e . rian (Jun 04)
- Re: SNMP read-only opens up... what? peter moody (Jun 04)
- Re: SNMP read-only opens up... what? Thomas Cannon (Jun 04)
- <Possible follow-ups>
- Re: SNMP read-only opens up... what? Jason Stout (Jun 04)
- Re: SNMP read-only opens up... what? lee . e . rian (Jun 04)
- RE: SNMP read-only opens up... what? Full-Disclosure (Jun 05)