Re: Routes that are susceptible to SNMP

From: Iñigo González Ponce (IGONZALEZ@ati.es)
Date: Wed Feb 05 2003 - 07:54:15 EST

• Next message: Razvan: "PBX Security"
• Previous message: Jason Lewis: "RE: Using ARP to map a network"
• In reply to: Rod Strader: "Routes that are susceptible to SNMP"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

"public" and "private" are out-of-the-box default community strings
for read and read-write access almost any network equipment.

Get the private MIB for the Ascend MAX (now Lucent), and look at what you can
get ;-).

With the read-write comminity you can get, alter, wipe, the router config,
you can reboot it, create users, modify the routing table, etc...

I don't remeber if the MAX-1600 has tunneling capabilies.... if so, you
can create a tunnel to your own machine and...

Hope this helps,

        -- Iñigo

Quoting Rod Strader <Strader@doeren.com>:

> Good day everyone,
>
> I am currently on a vulnerability assessment gig and found that a
> router
> on the way to my clients target is susceptible to snmp with a
> community
> string of public. This device when looking at it shows the arp table
> having my clients targets IP address in it. What is the general
> consensus of how dangerous this is to my client. I don't know if I
> can
> change anything with same community string but I can review all the
> information on the device. Here is some of the information I found
> walking the mib:
>
> Description: Ascend Max-1800 BRI S/N: 8371001 Software +6.0.10+
>
> This device appears to be the gateway router before their email
> server.
> The arp table still has the target in it.
>
> Please comment!
>
> Rod Strader
>
>
>
>
>
> ----------------------------------------------------------------------------
> This list is provided by the SecurityFocus Security Intelligence Alert
> (SIA)
> Service. For more information on SecurityFocus' SIA service which
> automatically alerts you to the latest security vulnerabilities please
> see:
> https://alerts.securityfocus.com/
>
>
>

--
Iñigo González Ponce <igonzalez .at .exocert .dot. com>
----------------------------------------------------------------------------
This list is provided by the SecurityFocus Security Intelligence Alert (SIA)
Service. For more information on SecurityFocus' SIA service which
automatically alerts you to the latest security vulnerabilities please see:
https://alerts.securityfocus.com/

• Next message: Razvan: "PBX Security"
• Previous message: Jason Lewis: "RE: Using ARP to map a network"
• In reply to: Rod Strader: "Routes that are susceptible to SNMP"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

This archive was generated by hypermail 2.1.7 : Sat Apr 12 2008 - 10:53:27 EDT