Security Incidents mailing list archives

Previous By Date Next
Previous By Thread Next

Re: SNMP vulnerability test?

From: Chris Ess <azarin () tokimi net>
Date: Wed, 13 Feb 2002 16:08:11 -0500 (EST)
Win2k Server does install and listen on snmpv1, public by default (at
least our CDs of it do).  I have no idea how or why it was enabled,
but a little quick scanning turned up some scary results.


Thrills.  Can anybody confirm this?  Does Eric have wonky install CDs,
or was the Microsoft portion of the CERT advisory incorrect?


This is what I've noticed from doing Windows 2000 Server installs on my
company's set of CDs:

The SNMP service is not installed by default.  You have to manually select
it during installation (Network Management Tools -> Simple Network
Management Protocol iirc).  However, if you opt to install it, then it
will be nice, bright, happy, and live when the system boots.  And with the
default community of 'public'.

Now, an interesting question is: How many OEM installs of Windows 2000
have SNMP enabled by default?  Hopefully not very many...

---

Chris Ess
System Administrator / CDTT ( Certified Duct Tape Technician)


----------------------------------------------------------------------------
This list is provided by the SecurityFocus ARIS analyzer service.
For more information on this free incident handling, management 
and tracking system please see: http://aris.securityfocus.com
Previous By Date Next
Previous By Thread Next

Current thread: