Re: problem with SNMPc

From: Marc Cozzi (cozziat_private)
Date: Tue Jan 18 2000 - 15:09:04 PST

Next message: Eric D. Williams: "Some discussion in http-wg ... FW: webmail vulnerabilities: a new"

Previous message: Tobi: "AW: usual iploggers miss some variable stealth scans"
Next in thread: Stefan Schneider: "Re: problem with SNMPc"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Funny, I reported this to Castlerock several months ago. At that time they
showed
little intrrest in the problem. Indeed this does asks for a seed router to
start autodiscovery.
If you are new to the program, and who's not with a new version, it's
difficult to find
the configuration to turn the thing off! The multiple polls also seem to
crash some
Windows based FTP daemons.


> -----Original Message-----
> From:	John Comeau [SMTP:jcomeauat_private]
> Sent:	Monday, January 17, 2000 8:22 PM
> To:	BUGTRAQat_private
> Subject:	Re: problem with SNMPc
>
>
> Summary: Many people snmpwalking your border routers lately? SNMPc from
> CastleRock Computing may be to blame; they responded promptly and
> responsibly to my complaint - jc
>
> John Sancho wrote:
> > I apologize for the inconvenience caused by our discovery mechanism.  We
> are
> > currently in the process of changing the installation mechanism to
> ensure
> > that users have control over the process before the initial startup.
> This
> > new implementation will be in our next update within a few weeks.
> >
> > I am not sure how we can post to "bugtraq".  Can you give me some more
> info
> > about that ?  Or perhaps you could post my message to buqtraq on our
> behalf.
> >
> > regards - john
> >
> > John J. Sancho
> > johnat_private
> >
> > > In the past 3 weeks, at least 4 users of your product were contacted
> by
> > > me because I found them trying to snmpwalk my border router. In each
> > > case they blamed your software for scanning the Internet before
> filters
> > > could be applied. This will be construed as an attack by many
> > > security-conscious network administrators. Please post to bugtraq (a
> > > mailing list for security issues) a description of what SNMPc does and
> > > what you are going to do to fix this errant behavior.
> --
> John Comeau - Chief Operating Officer
> Dialtone Internet - Extremely Fast Web Systems
> 954-581-0097  fax://954-581-7629
> jcomeauat_private
> http://www.dialtoneinternet.net

Next message: Eric D. Williams: "Some discussion in http-wg ... FW: webmail vulnerabilities: a new"
Previous message: Tobi: "AW: usual iploggers miss some variable stealth scans"
Next in thread: Stefan Schneider: "Re: problem with SNMPc"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

This archive was generated by hypermail 2b30 : Fri Apr 13 2001 - 15:29:09 PDT