Security Incidents mailing list archives
Re: Windows 2k SNMP Wonkiness Poll
From: Valdis.Kletnieks () vt edu
Date: Thu, 14 Feb 2002 01:38:47 -0500
On Thu, 14 Feb 2002 00:01:04 +0100, Filip Jonckers <fjonckers () Interconnect be> said:
A lot of server installations NEED snmp service installed...
...
just try to manage a network with a few hundreds devices (or even a few dozen) without SNMP .....
I feel your pain - my machine room is over 1/4 acre. ;) However, if you didn't know your box was running SNMP, it's a pretty safe bet that it's not being monitored by your network management tools ;) Unfortunately, I'm willing to bet that not more than 5% of the hosts that are running SNMP are actually being managed by some tool like that, and that 3/4 of THOSE didn't change the community names. Which means that the *other* 97% are just waiting to get burned by the next exploit.... ANd I'm also willing to bet that we'll see a poly-lingual exploit, that is willing to attack either Wintel or one or more Unixoid systems. After all - you *can* ask your victim how they'd prefer to be exploited (although I'm doubtful we'll see a printer-based variant). Valdis Kletnieks Computer Systems Senior Engineer Virginia Tech ---------------------------------------------------------------------------- This list is provided by the SecurityFocus ARIS analyzer service. For more information on this free incident handling, management and tracking system please see: http://aris.securityfocus.com
Current thread:
- Windows 2k SNMP Wonkiness Poll Davis Ray Sickmon, Jr (Feb 13)
- <Possible follow-ups>
- RE: Windows 2k SNMP Wonkiness Poll Filip Jonckers (Feb 13)
- Re: Windows 2k SNMP Wonkiness Poll Eric Brandwine (Feb 13)
- Re: Windows 2k SNMP Wonkiness Poll Valdis . Kletnieks (Feb 14)