Security Incidents mailing list archives

RE: SNMP vulnerability test?

From: "Matthew LaGrange" <lagra100 () chapman edu>
Date: Wed, 13 Feb 2002 13:24:43 -0800

All of my servers had SNMP installed by default

Matthew LaGrange, MCP
Student Technology Services Manager
Office of Academic Computing, Chapman University
(714) 628-2720, On-Campus x2720
E-mail: lagrange () chapman edu


-----Original Message-----
From: Valdis.Kletnieks () vt edu [mailto:Valdis.Kletnieks () vt edu] 
Sent: Wednesday, February 13, 2002 10:25 AM
To: Eric Brandwine
Cc: Davis Ray Sickmon, Jr; incidents () lists securityfocus com
Subject: Re: SNMP vulnerability test? 

On Wed, 13 Feb 2002 18:19:08 GMT, Eric Brandwine said:

Win2k Server does install and listen on snmpv1, public by default (at
least our CDs of it do).  I have no idea how or why it was enabled,
but a little quick scanning turned up some scary results.


Thrills.  Can anybody confirm this?  Does Eric have wonky install CDs,
or was the Microsoft portion of the CERT advisory incorrect?

/Valdis



----------------------------------------------------------------------------
This list is provided by the SecurityFocus ARIS analyzer service.
For more information on this free incident handling, management 
and tracking system please see: http://aris.securityfocus.com

Current thread:

RE: SNMP vulnerability test? Jason Craig (Feb 13)
- <Possible follow-ups>
- RE: SNMP vulnerability test? Ralph Los (Feb 13)
- Re: SNMP vulnerability test? Kevin Moon (Feb 13)
- RE: SNMP vulnerability test? Filip Jonckers (Feb 13)
- RE: SNMP vulnerability test? Matthew LaGrange (Feb 13)