Re: snmp

From: Vijay Kumar (vijay@calsoftinc.com)
Date: Fri Sep 24 2004 - 08:42:41 EDT


Hi,

Check the Solarwinds tools, if the devices support community name as
"public", we can retrieve a lot of information from it and probably get
exploits for them.

Regards,
Vijay.

On Thu, 2004-09-23 at 03:37, Juan B wrote:
> HI,
>
>
>
> I am responsible of the security in my company.
>
>
>
> One of the sysadmins told me that they use in one of
> the networks Snmp and that the community is public.
>
>
>
> I want to pen test this issue meaning that I want to
> find ways to retrieve from the devices info, and show
> the IT manager that he must change the community.
>
>
>
> The reason that I want to do It my self is that I
> don't believe in the way that is just going to him and
> tell him..." its written in the internet that we must
> change public community to something else.
>
>
>
> So how or from where do I start ?
>
>
>
> Thanks
>
>
>
> juan
>
> =====
> Juan Fernandez.
>
> Security Engineer
>
> Tel: +972-52-4306781
> Mcse Ccna Ccsa Scsa
>
>
>
>
> __________________________________
> Do you Yahoo!?
> New and Improved Yahoo! Mail - 100MB free storage!
> http://promotions.yahoo.com/new_mail
>
> ------------------------------------------------------------------------------
> Ethical Hacking at the InfoSec Institute. All of our class sizes are
> guaranteed to be 12 students or less to facilitate one-on-one interaction
> with one of our expert instructors. Check out our Advanced Hacking course,
> learn to write exploits and attack security infrastructure. Attend a course
> taught by an expert instructor with years of in-the-field pen testing
> experience in our state of the art hacking lab. Master the skills of an
> Ethical Hacker to better assess the security of your organization.
>
> http://www.infosecinstitute.com/courses/ethical_hacking_training.html
> -------------------------------------------------------------------------------

------------------------------------------------------------------------------
Ethical Hacking at the InfoSec Institute. All of our class sizes are
guaranteed to be 12 students or less to facilitate one-on-one interaction
with one of our expert instructors. Check out our Advanced Hacking course,
learn to write exploits and attack security infrastructure. Attend a course
taught by an expert instructor with years of in-the-field pen testing
experience in our state of the art hacking lab. Master the skills of an
Ethical Hacker to better assess the security of your organization.

http://www.infosecinstitute.com/courses/ethical_hacking_training.html
-------------------------------------------------------------------------------



This archive was generated by hypermail 2.1.7 : Sat Apr 12 2008 - 10:54:06 EDT