mailing list archives
Re: Determining UDP 161 port (SNMP) status using SNMPv3
From: Fyodor <fyodor () insecure org>
Date: Tue, 17 Jun 2008 16:14:06 -0700
On Tue, Jun 17, 2008 at 06:07:42PM -0500, Tom Sellers wrote:
If I understand correctly when it comes to UDP ports everything
is pretty much considered open|filtered unless an ICMP response
flags it as closed or a service response indicates that it is
Yeah, that is basically how it works.
I believe that we can augment this port status detection by
adding a SNMPv3 probe. In my experience SNMPv3, when provided
That would be great! Maybe it will help provide useful version
detection information as well.
1. This is essentially a login attempt. I know that the SNMPv1
probe tries to use"public" but I don't know if people will
consider this the same.
I think that is OK. I've never heard any complaints about the current
SNMP query which, as you noted, tries the public community string.
2. Would this be more appropriate as a NSE script as it could be
flagged as "auth" and only run when that is ok?
I think it would be better as version detection. That is more
efficient (to write/maintain as well as to execute). And this is a
version detection purpose.
3. If using this probe is ok, what username should be used? I
have been considering using either "public" or null.
Whichever one is most likely to work the best. Unfortunately I'm not
sure what that would be.
Sent through the nmap-dev mailing list
Archived at http://SecLists.Org