Home page logo

bugtraq logo Bugtraq mailing list archives

Re: SNMP security issues in D-Link DSL Broadband Modem/Router
From: "Maslov, Snowy" <Snowy.Maslov () fujitsu com au>
Date: Fri, 28 Mar 2003 18:18:22 +1000

From: Arhont Information Security [mailto:infosec () arhont com] 
Sent: Friday, March 28, 2003 1:32 AM
To: bugtraq () securityfocus com
Subject: SNMP security issues in D-Link DSL Broadband Modem/Router

While performing a general security testing of a
network, we have found several security vulnerability
issues with the D-Link DSL Broadband Modem DSL-500

Note that there are a couple of things you can do to alleviate this

1.  Change the public and private SNMP community strings.   You can do
this by logging into the DSL router via telnet or using the serial
connection and typing the following (the password for telnet by default
is 'private' - see below):

snmp access flush                       # Flushes all access strings
snmp access read <password>             # Sets your RO community
snmp access write <password>            # Sets your R/W community
                                        # NOTE: This is also your telnet
                                        # password!  Make sure it is
                                        # safe!
snmp access list                        # Always good to check ;)
config save                             # Saves configuration
restart                                 # Restarts router.

I would really recommend doing this as a matter of course anyways.

2.  You can use the built-in IP filter package to remove access from the
WAN side to TCP and UDP port 161 (and if you are not using it on the LAN
side - I'd do the same there too).

  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]