[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <1054753856.381.90.camel@peterjm>
From: peter at ucsc.edu (peter moody)
Subject: SNMP read-only opens up... what?
you could get the product type, version information etc from certain
mibs. you could tell how busy the site is, and from that infer how big
a pipe you've got.
There's a lot more. I would snmp-walk the device and find out what it
tells you.
but I've got to ask, why would you make this information available at
all?
On Wed, 2003-06-04 at 10:44, lee.e.rian@...sus.gov wrote:
> Say I configure a router with a read-only SNMP community of "public" and
> make it Internet accessible. What vulnerabilities or information
> disclosure does that open up that would be better left closed? A switch?
>
> Thanks,
> Lee
--
Peter Moody <peter@...c.edu>
InfoSec Administrator 831/459.5409
Communications and Technology Services. http://mustard.ucsc.edu/pubkey
UC, Santa Cruz.
:wq
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: This is a digitally signed message part
Url : http://lists.grok.org.uk/pipermail/full-disclosure/attachments/20030604/a7e6c213/attachment.bin
Powered by blists - more mailing lists