On Thu, 20 Mar 2003, Charles Polisher wrote: > Search of CVE and securityfocus and googling > did not turn up adequate information. Anyone > seen this beast? wrt SNMP vulnerabilities (seems relevant): http://www.cert.org/advisories/CA-2002-03.html > Telnetting into our HP Procurve 2524 switch > shows an ongoing attempt to brute-force the > SNMP community (public, of course). HP apparently > does not provide a method for disbling SNMP, and > we're going to have to visit all 93 switches > in person to set a strong password -- yes, it had > been left blank! SNMP should be setn to a VLAN/management interface. Can you ACL the interface to only allow SNMP from trusted hosts? Also, I assume you only allow telnet from your management network. -mrh ---------------------------------------------------------------------------- <Pre>Lose another weekend managing your IDS? Take back your personal time. 15-day free trial of StillSecure Border Guard.</Pre> <A href="http://www.securityfocus.com/stillsecure"> http://www.securityfocus.com/stillsecure </A>
This archive was generated by hypermail 2b30 : Fri Mar 21 2003 - 13:07:53 PST