[Quoth Sasha Egan] ] Sorry about this, I forgot to mention it.. ] ] To get the interview with the network tech at 3Com, I had to list myself ] as a primary contact...if you need any information from me: ] my phone number is (505) 861-4981 ] My pager is (505) 875-8866 ] just in case... It might also be worth mentioning to 3Com that the enterprise MIB (at least for the Corebuilder 3500) contains the passwords and the snmp keys for the box. If some poor sap sets their SNMP key to something guessable (like, oh, I dunno, 'public'), you can get the admin password and SNMP key with these: enterprises.synernetics.lanplex.lanplexSystemsMib.1.19.0 = "password" enterprises.synernetics.lanplex.lanplexSystemsMib.6.7.0 = "public" I don't know what the wisdom of putting the password in the MIB is. This is true with both software release 1.0 and 1.1 on the Corebuilder 3500. And since it's the synernetics enterprise MIB, it's my educated guess that this info is on other corebuilder and lanplex boxen. With release 1.0 on the corebuilder, I also had the misfortune of being able to reboot the box by sending a lot of UDP traffic to it's administrative port. Being paranoid, I ran netcat against it, wanting to know what ports it listened on. About 10 seconds later, it reboots. rel 1.1 seems more robust. IMHO, the Corebuilder 3500 just feels like a product that went out the door too fast to be early to market, without giving security or robustness enough of a thought. -- Michael Mittelstadt meekat_private VP - Internet Techologies ExecPC Internet http://www.execpc.com/~meek 1-800-ExecPC-1
This archive was generated by hypermail 2b30 : Fri Apr 13 2001 - 13:53:09 PDT