nanog mailing list archives
Re: Warning: Cisco RW community backdoor.
From: John Fraizer <nanog () Overkill EnterZone Net>
Date: Mon, 26 Feb 2001 23:06:42 -0500 (EST)
On 26 Feb 2001, Sean Donelan wrote:
It appears more than one vendor shared the same SNMP library (or SNMP programmer). Folks have sent me evidence at least two other vendor's equipment has similar responses to the same SNMP community string ILMI. However, there are other non-related SNMP issues. Many SNMP implementations included the default community strings "public" and "private". If the operator doesn't change them, the defaults may still work. The other common SNMP implementation issue is if no community string is specified, the SNMP agent accepts any community string. If you are checking your network, I'd suggest checking for all three possibilities.
IMHO, if no communities are supplied, the SNMP daemon should not respond at all. While I agree that "public" and "private" are "wellknowns," in most implementations, they at least show up in the code. Cisco chose to hide this one where it would not show up in the code. That IMHO is a very bad thing and does bad things to my confidence level in Cisco. --- John Fraizer EnterZone, Inc
Current thread:
- RE: Warning: Cisco RW community backdoor., (continued)
- RE: Warning: Cisco RW community backdoor. Mark Radabaugh (Feb 26)
- RE: Warning: Cisco RW community backdoor. Deepak Jain (Feb 27)
- RE: Warning: Cisco RW community backdoor. Chris Hallman (Feb 26)
- Re: Warning: Cisco RW community backdoor. Stephen Griffin (Feb 26)
- Re: Warning: Cisco RW community backdoor. Jim Duncan (Feb 26)
- Re: Warning: Cisco RW community backdoor. Adrian Chadd (Feb 27)
- Re: Warning: Cisco RW community backdoor. John Payne (Feb 27)
- Re: Warning: Cisco RW community backdoor. John Fraizer (Feb 26)
- Re: Warning: Cisco RW community backdoor. John Fraizer (Feb 26)
- Re: Warning: Cisco RW community backdoor. David Schwartz (Feb 26)
- Re: Warning: Cisco RW community backdoor. John Fraizer (Feb 26)
- Re: Warning: Cisco RW community backdoor. Eric Germann (Feb 26)
- Re: Warning: Cisco RW community backdoor. jlewis (Feb 27)
- Re: Warning: Cisco RW community backdoor. Dan Hollis (Feb 27)