|
Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com |
From: Ralph Los (RLos
enteredge.com)Date: Wed Feb 13 2002 - 14:55:15 CST
I can confirm, at least from our CD Set (Retail Win2k Server), that SNMP is
installed by DEFAULT and listening. Scares you, doesn't it?
----------------------------------------|
Ralph M. Los
Sr. Security Consultant and Trainer
EnterEdge Technology, L.L.C.
rlosenteredge.com
(770) 955-9899 x.206
----------------------------------------|
::-----Original Message-----
::From: Valdis.Kletnieksvt.edu [mailto:Valdis.Kletnieksvt.edu]
::Sent: Wednesday, February 13, 2002 1:25 PM
::To: Eric Brandwine
::Cc: Davis Ray Sickmon, Jr; incidentslists.securityfocus.com
::Subject: Re: SNMP vulnerability test?
::
::
::On Wed, 13 Feb 2002 18:19:08 GMT, Eric Brandwine said:
::> Win2k Server does install and listen on snmpv1, public by
::default (at
::> least our CDs of it do). I have no idea how or why it was enabled,
::> but a little quick scanning turned up some scary results.
::
::Thrills. Can anybody confirm this? Does Eric have wonky
::install CDs, or was the Microsoft portion of the CERT
::advisory incorrect?
::
::/Valdis
::
::
----------------------------------------------------------------------------
This list is provided by the SecurityFocus ARIS analyzer service.
For more information on this free incident handling, management
and tracking system please see: http://aris.securityfocus.com
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]