To assist in detecting and mitigating the IOS vulnerability released today publicly by Cisco, Foundstone has released a free scanning tool to aid in identifying vulnerable Cisco devices. Devices detected by SNScan will have their IOS and feature-set information displayed in a easy to manage layout. Device information should be matched against Cisco's IOS upgrade matrix and patched according to the upgrade path recommended by Cisco. SNScan v1.05 http://www.foundstone.com/resources/proddesc/snscan.htm SNMP Detection Utility Copyright 2003(c) by Foundstone, Inc. http://www.foundstone.com SNScan is a Windows based SNMP detection utility that can quickly and accurately identify SNMP enabled devices on a network. This utility can effectively indicate devices that are potentially vulnerable to SNMP related security threats, such as those released on February 12, 2002 and the Cisco IPv4 Remote Denial of Service vulnerability from July 17, 2003. SNScan allows for the scanning of SNMP specific ports (e.g. UDP 161, 193, 391 and 1993) and the use of standard (i.e. "public") as well as user-defined SNMP community names. User-defined community names may be used to more effectively evaluate the presence of SNMP enabled devices in more complex networks. SNScan is intended for use by system and network administrators as a fast and reliable utility for information gathering. While not indicating whether SNMP enabled devices are vulnerable to specific threats, SNScan can quickly and accurately identify potential areas of exposure to SNMP related vulnerabilities. Cisco Advisory [As of 2003 July 17 at 23:00 UTC (GMT)] http://www.cisco.com/warp/public/707/cisco-sa-20030717-blocked.shtml ... Matt Ploessel Network Security Engineer Foundstone, Inc. Strategic Security 949.297.5600 Tel 949.297.5575 Fax http://www.foundstone.com PGP: https://www.foundstone.com/pgpkeys/matt_ploessel.asc PGP Hash: 5233 27A0 E504 2887 0F6F 0218 7495 1EB2 F182 E914
This archive was generated by hypermail 2b30 : Fri Jul 18 2003 - 10:23:07 PDT