From: brtw2003@gmx.net
Date: Thu Mar 17 2005 - 03:27:08 EST
hi greg,
1)
-snmp v1/2c just use generic snmp tools (net-snmp, perl snmp) to play
around with snmp pdu's/extensive mib walks etc.
-use dictionery attacks (thc-hydra).
-using vendor snmp related attacks (like hp-printers, cisco devices etc)
(mostly founded in bugtraq,k-otik,securityfocus,packetstorm etc)
2) quite difficult, you need to identify your generic snmp queries in the
network (usually noc/provisioning/performance mgmt etc related systems)
and based on this snmp-network-map you can generate suspicious snmp
related rules
/bl0wf1sh
> Hello all,
>
> I was wondering if anyone could point me to some good resources on pen
> testing SNMP. We have 2 main reasons for wanted these resources/tools:
> 1)identifying possible vulnerabilities exposed with various SNMP
> implemenations
> 2)Correlate actual malicious/suspicious SNMP traffic in our IDS to
> better identify false positives associated with various SNMP related
> signatures.
>
> I'd appreciate any help you can give.
>
> Thanks,
>
> --Greg
>
-- DSL Komplett von GMX +++ Supergünstig und stressfrei einsteigen! AKTION "Kein Einrichtungspreis" nutzen: http://www.gmx.net/de/go/dsl
This archive was generated by hypermail 2.1.7 : Sat Apr 12 2008 - 10:54:18 EDT