From: L. Walker (lwalker@magi.net.au)
Date: Thu Mar 17 2005 - 00:26:04 EST
On Thu, 2005-03-17 at 04:51 +0000, Gregory Bell wrote:
> Hello all,
>
> I was wondering if anyone could point me to some good resources on pen
> testing SNMP. We have 2 main reasons for wanted these resources/tools:
> 1)identifying possible vulnerabilities exposed with various SNMP implemenations
> 2)Correlate actual malicious/suspicious SNMP traffic in our IDS to
> better identify false positives associated with various SNMP related
> signatures.
>
> I'd appreciate any help you can give.
>
> Thanks,
>
> --Greg
I'd look at information disclosure - a lot of default/insecure
installations will allow you to gleam information off routers and other
network devices simply by querying SNMP on that given device.
snmpwalk is one application you can find to help you do the deed, so to
speak.
I'd also use gateways, and dedicated NIDS/IDS/IPS systems to help track
and locate SNMP traffic and any other traffic on your network - keep in
mind, it really depends how you've designed your network to begin with
as to where you're going to place hardware designed to keep track of the
entire network.
-- L. Walker Administrator / Consultant Blog: http://magi.net.au
This archive was generated by hypermail 2.1.7 : Sat Apr 12 2008 - 10:54:18 EDT