> From: Arhont Information Security [mailto:infosecat_private] > Sent: Friday, March 28, 2003 1:32 AM > To: bugtraqat_private > Subject: SNMP security issues in D-Link DSL Broadband Modem/Router > > While performing a general security testing of a > network, we have found several security vulnerability > issues with the D-Link DSL Broadband Modem DSL-500 Note that there are a couple of things you can do to alleviate this problem. 1. Change the public and private SNMP community strings. You can do this by logging into the DSL router via telnet or using the serial connection and typing the following (the password for telnet by default is 'private' - see below): snmp access flush # Flushes all access strings snmp access read <password> # Sets your RO community password snmp access write <password> # Sets your R/W community password # NOTE: This is also your telnet # password! Make sure it is kept # safe! snmp access list # Always good to check ;) config save # Saves configuration restart # Restarts router. I would really recommend doing this as a matter of course anyways. 2. You can use the built-in IP filter package to remove access from the WAN side to TCP and UDP port 161 (and if you are not using it on the LAN side - I'd do the same there too).
This archive was generated by hypermail 2b30 : Fri Mar 28 2003 - 11:12:32 PST