| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Tue, 4 Mar 2008 09:53:55 +0100 From: Sebastian Krahmer <krahmer@...e.de> To: Adrian P <unknown.pentester@...il.com> Cc: full-disclosure@...ts.grok.org.uk Subject: Re: Exploring the UNKNOWN: Scanning the Internet via SNMP! On Tue, Mar 04, 2008 at 12:02:25AM +0000, Adrian P wrote: > * Exploring the UNKNOWN: Scanning the Internet via SNMP! * > http://www.gnucitizen.org/blog/exploring-the-unknown-scanning-the-internet-via-snmp/ > > Hacking is not only about coming up with interesting solutions to > problems, but also about exploring the unknown. It was this drive for > knowledge philosophy that lead to surveying a significant sample of > the Internet which allowed us to make some VERY interesting > observations and get an idea of the current state of _remote SNMP > hacking_. > > * Why SNMP? * > > 2.5 million random IP addresses were surveyed via SNMP. Why SNMP you > might be asking? Well, there are several reasons. First of all SNMP is > a UDP-based protocol which allows us to perform scanning at a much > shorter time than via TCP-based protocols. Another advantage of This is not true. I doubt there is any measurable advantage of UDP vs. TCP scans if you do it right. 2.5 million addresses can be done in a very short coffee break. Sebastian -- ~ ~ perl self.pl ~ $_='print"\$_=\47$_\47;eval"';eval ~ krahmer@...e.de - SuSE Security Team ~ SUSE LINUX Products GmbH, GF: Markus Rex, HRB 16746 (AG Nuernberg) _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Powered by blists - more mailing lists