Nmap Security Scanner
*Intro
*Ref Guide
*Install Guide
*Download
*Changelog
*Book
*Docs
Security Lists
*Nmap Hackers
*Nmap Dev
*Bugtraq
*Full Disclosure
*Pen Test
*Basics
*More
Security Tools
*Pass crackers
*Sniffers
*Vuln Scanners
*Web scanners
*Wireless
*Exploitation
*Packet crafters
*More
Site News
Site Search:
Exploit World
Advertising
About/Contact
Credits
Sponsors:
edgeos



Penetration Testing: RE: SNMP False Positives

RE: SNMP False Positives

From: Leif Sawyer <lsawyer_at_gci.com>
Date: Fri, 12 Apr 2002 13:55:00 -0800

Ben Klang replied to
> Michael Cox, whom on Thu, 2002-04-11 at 15:26, wrote
>> I'm getting a lot of "default community string enabled"
>> false positives from Nessus, Retina, and verified with SNMPing.
>>
> I have noticed similar responses from our HP-UX boxes. This includes
> HP-UX 10.20 and 11.00. Nessus reported that any string sent
> was a valid community name.

Which test are you using for nessus? the snmp_default_communities.nasl?

If you are, it should return which of the default community strings it was
able to use. (this is 1.0.10, anyway)

I've heard tell of some snmp implementations which, even when you put in
custom strings, would still respond to public/private queries. Sigh.

I'm not sure if there have been any bug fixes in the snmp tests for nessus,
but if you're not running 1.0.10, consider upgrading, just for the fixes
and additional tests...

----------------------------------------------------------------------------
This list is provided by the SecurityFocus Security Intelligence Alert (SIA)
Service. For more information on SecurityFocus' SIA service which
automatically alerts you to the latest security vulnerabilities please see:
https://alerts.securityfocus.com/
Received on Apr 15 2002

[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]