Penetration Testing mailing list archives
RE: snmp
From: "Victor Chapela" <victor () sm4rt com>
Date: Fri, 24 Sep 2004 08:06:19 -0500
One of the sysadmins told me that they use in one of the networks Snmp and
that the community is public.
I want to pen test this issue meaning that I want to find ways to retrieve
from the devices info,
and show the IT manager that he must change the community.
Among others, you can use any of the following tools to enumerate SNMP: - SNMP Walker (getif.exe) - SNMPUtil - Solarwinds IP Network Browser and SNMP tools (you can do most of it with the trial version) This last one is by far my favorite. It is an information gathering vulnerability. The information you gather will depend upon the device you connect to, but it can range from domain users and running services to full network topology. Victor ------------------------------------------------------------------------------ Ethical Hacking at the InfoSec Institute. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors. Check out our Advanced Hacking course, learn to write exploits and attack security infrastructure. Attend a course taught by an expert instructor with years of in-the-field pen testing experience in our state of the art hacking lab. Master the skills of an Ethical Hacker to better assess the security of your organization. http://www.infosecinstitute.com/courses/ethical_hacking_training.html -------------------------------------------------------------------------------
Current thread:
- snmp Juan B (Sep 24)
- Re: snmp Mathias Wegner (Sep 24)
- Re: snmp Kurt Grutzmacher (Sep 24)
- Re: snmp Andres Riancho (Sep 27)
- RE: snmp Dinis Cruz (Sep 24)
- Re: snmp Max (Sep 24)
- Re: snmp R. DuFresne (Sep 27)
- Re: snmp Frank Knobbe (Sep 24)
- Re: snmp Vijay Kumar (Sep 25)
- RE: snmp Victor Chapela (Sep 25)
- RE: snmp Dom (Sep 25)
- RE: snmp Alexandre Skyrme (Sep 26)
- Re: snmp R. DuFresne (Sep 27)
(Thread continues...)