| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <1054753856.381.90.camel@peterjm> From: peter at ucsc.edu (peter moody) Subject: SNMP read-only opens up... what? you could get the product type, version information etc from certain mibs. you could tell how busy the site is, and from that infer how big a pipe you've got. There's a lot more. I would snmp-walk the device and find out what it tells you. but I've got to ask, why would you make this information available at all? On Wed, 2003-06-04 at 10:44, lee.e.rian@...sus.gov wrote: > Say I configure a router with a read-only SNMP community of "public" and > make it Internet accessible. What vulnerabilities or information > disclosure does that open up that would be better left closed? A switch? > > Thanks, > Lee -- Peter Moody <peter@...c.edu> InfoSec Administrator 831/459.5409 Communications and Technology Services. http://mustard.ucsc.edu/pubkey UC, Santa Cruz. :wq -------------- next part -------------- A non-text attachment was scrubbed... Name: not available Type: application/pgp-signature Size: 189 bytes Desc: This is a digitally signed message part Url : http://lists.grok.org.uk/pipermail/full-disclosure/attachments/20030604/a7e6c213/attachment.bin
Powered by blists - more mailing lists