Home page logo
/

pen-test logo Penetration Testing mailing list archives

Re: snmp
From: Frank Knobbe <frank () knobbe us>
Date: Mon, 27 Sep 2004 17:19:14 -0500

On Fri, 2004-09-24 at 15:39, R. DuFresne wrote:
You start by getting yer "get out of jail free card" from mgt.  If you
lack that, you are likely to get fired and then prosecuted.


I didn't read it like you did. It seemed to me that Juan wanted a tool
that lists some info retrieved via SNMP Gets. With that list we would
approach management, showing that you can query interface tables, etc,
with a community string of "public".

I didn't think that he wanted to "break into" and systems, or otherwise
"pentest" it (even though he used that word in his request. Improper use
of "pentest" in my book).

I don't think he needs management approval or a JOOJF card to just list
some stuff with snmpwalk. After all, the information is "public", right?

As long as he doesn't circumvent counter-measures he should be fine.
After all, he is the one responsible for security in his company. He
would be one handing out the JOOJF cards ;)

Cheers,
Frank

Attachment: signature.asc
Description: This is a digitally signed message part


  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]