RE: Routes that are susceptible to SNMP

• Previous message: Rajesh Kumar Dilli: "RE: Using ARP to map a network"
• Maybe in reply to: Rod Strader: "Routes that are susceptible to SNMP"
• Next in thread: Pete Herzog: "RE: Routes that are susceptible to SNMP"
• Next in thread: Iñigo González Ponce: "Re: Routes that are susceptible to SNMP"
• Reply: Pete Herzog: "RE: Routes that are susceptible to SNMP"
• Reply: Rob Shein: "RE: Routes that are susceptible to SNMP"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

To all I am not trying to get into the ISP just want to know how to help the client notify them about the issue.  
 
The tool I use does a trace route and tells information that it finds along the way.    In this case it discovered the gateway before the client had a community string of public.  
 
The information displayed is in the information window which I cut out and pasted for all of your input.  
 
I believe this is on the gray area, where the service provider is providing a service to the client and their community string could leave the client open to potential harm.   
 
I have not tested the gateway merly used the information the tool has provided about the path to the target.
 
My question is how do I provide this information to the client so they can give the information to their provider.  With out trouble on anyones part.
 

	-----Original Message----- 
	From: Kevin Reynolds [mailto:reynolds25at_private] 
	Sent: Tue 2/4/2003 7:01 PM 
	To: Rod Strader; pen-testat_private 
	Cc: 
	Subject: Re: Routes that are susceptible to SNMP 
	
	

	What about the private community string?  Good chance that the RW community
	string is still private.
	
	Kevin
	
	
	----- Original Message -----
	From: "Rod Strader" <Straderat_private>
	To: <pen-testat_private>
	Sent: Tuesday, February 04, 2003 1:55 PM
	Subject: Routes that are susceptible to SNMP
	
	
	Good day everyone,
	
	I am currently on a vulnerability assessment gig and found that a router
	on the way to my clients target is susceptible to snmp with a community
	string of public.  This device when looking at it shows the arp table
	having my clients targets IP address in it.  What is the general
	consensus of how dangerous this is to my client.  I don't know if I can
	change anything with same community string but I can review all the
	information on the device. Here is some of the information I found
	walking the mib:
	
	Description: Ascend Max-1800 BRI S/N: 8371001 Software +6.0.10+
	
	This device appears to be the gateway router before their email server.
	The arp table still has the target in it.
	
	Please comment!
	
	Rod Strader
	
	
	
	
	
	----------------------------------------------------------------------------
	This list is provided by the SecurityFocus Security Intelligence Alert (SIA)
	Service. For more information on SecurityFocus' SIA service which
	automatically alerts you to the latest security vulnerabilities please see:
	https://alerts.securityfocus.com/

	
	
	
	

• Next message: Jason Lewis: "RE: Using ARP to map a network"
• Previous message: Rajesh Kumar Dilli: "RE: Using ARP to map a network"
• Maybe in reply to: Rod Strader: "Routes that are susceptible to SNMP"
• Next in thread: Pete Herzog: "RE: Routes that are susceptible to SNMP"
• Next in thread: Iñigo González Ponce: "Re: Routes that are susceptible to SNMP"
• Reply: Pete Herzog: "RE: Routes that are susceptible to SNMP"
• Reply: Rob Shein: "RE: Routes that are susceptible to SNMP"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

This archive was generated by hypermail 2b30 : Wed Feb 05 2003 - 10:40:54 PST