Penetration Testing mailing list archives

Re: SNMP Testing

From: brtw2003 () gmx net
Date: Thu, 17 Mar 2005 09:27:08 +0100 (MET)

hi greg,

1) 
   -snmp v1/2c just use generic snmp tools (net-snmp, perl snmp) to play   
    around with snmp pdu's/extensive mib walks etc. 
   -use dictionery attacks (thc-hydra).
   -using vendor snmp related attacks (like hp-printers, cisco devices etc)
    (mostly founded in bugtraq,k-otik,securityfocus,packetstorm etc) 

2) quite difficult, you need to identify your generic snmp queries in the
   network (usually noc/provisioning/performance mgmt etc related systems)
   and based on this snmp-network-map you can generate suspicious snmp   
   related rules

/bl0wf1sh

Hello all,

I was wondering if anyone could point me to some good resources on pen
testing SNMP. We have 2 main reasons for wanted these resources/tools:
1)identifying possible vulnerabilities exposed with various SNMP
implemenations
2)Correlate actual malicious/suspicious SNMP traffic in our IDS to
better identify false positives associated with various SNMP related
signatures.

I'd appreciate any help you can give.

Thanks,

--Greg


-- 
DSL Komplett von GMX +++ Supergünstig und stressfrei einsteigen!
AKTION "Kein Einrichtungspreis" nutzen: http://www.gmx.net/de/go/dsl

Current thread:

SNMP Testing Gregory Bell (Mar 16)
- Re: SNMP Testing L. Walker (Mar 17)
- Re: SNMP Testing brtw2003 (Mar 17)
- Re: SNMP Testing Peter Wood (Mar 17)
- RE: SNMP Testing Clement Dupuis (Mar 17)
- <Possible follow-ups>
- Re: SNMP Testing Jeff Bryner (Mar 18)
  - Re: SNMP Testing Enrico Nardelli (Mar 20)
- RE: SNMP Testing Jeff Gercken (Mar 21)