[8587] in bugtraq
Re: ISS Security Advisory: Hidden community string in SNMP
daemon@ATHENA.MIT.EDU (Matt M. Morris)
Wed Nov 18 12:16:00 1998
Date: Tue, 17 Nov 1998 10:26:28 -0500
Reply-To: "Matt M. Morris" <mmorris@OPS.COM>
From: "Matt M. Morris" <mmorris@OPS.COM>
X-To: sugarat <sugarat@thunderhold.sugarat.net>
To: BUGTRAQ@NETSPACE.ORG
In-Reply-To: <199811162149.QAA16719@thunderhold.sugarat.net>
>We have tried a box, Solaris 2.6 patched to current (current as of
september),
>that is running the default Sun snmpd binary. The hidden community
>"all private" worked from local and remote machines.
I setup my Ultra 1 with 2.6 -- unpatched -- with the HPOV B.05.01 snmpdm.
I could not get it to work remotely. Hopefully HPs patch for Solaris NNM
will fix.
>I'm not quite sure what we're going to do about this, but on non critical
>boxes, ie: the ones we watch only for cold start traps, we have turned of
>snmpd and use shell scripts that call snmptrap to send the traps we need to
>receive.
Patiently awaiting HP's patches to be released.... <tap, tap....>them.
>
>-Tim
>--
-matt
Matt M. Morris
Consultant
Onion Peel Solutions Ph: (919) 821-8004 x242
3101 Industial Drive, Suite 200 Fx: (919) 821-3364
Raleigh, NC 27609 http://www.ops.com
