It might have been installed by a third party application. The Compaq
Management Agents are dependent on SNMP, for example.

  Kevin

>-----Original Message-----
>From: Valdis.Kletnieksvt.edu [mailto:Valdis.Kletnieksvt.edu]
>Sent: Wednesday, February 13, 2002 12:55 PM
>To: Eric Brandwine
>Cc: Davis Ray Sickmon, Jr; incidentslists.securityfocus.com
>Subject: Re: SNMP vulnerability test?
>
>
>On Wed, 13 Feb 2002 00:34:00 GMT, Eric Brandwine said:
>
> > What're they printing from? I'd check that first. The number of
> > win98/nt/2k hosts listening on SNMP is terrifying.
>
>How did it get turned on? Microsoft said in the CERT advisory:
>
> Summary:
> All Microsoft implementations of SNMP v1 are affected by the
> vulnerability. The SNMP v1 service is not installed or running by
> default on any version of Windows. A patch is underway to eliminate
> the vulnerability. In the meantime, we recommend that affected
> customers disable the SNMP v1 service.
>
>Is this like the "W2K doesn't install IIS, but if you upgraded a machine
>that had Personal Webpage (or whatever it was) it will upgrade that to
>IIS"?
>
>
>--
> Valdis Kletnieks
> Computer Systems Senior Engineer
> Virginia Tech
>
>

_________________________________________________________________
Chat with friends online, try MSN Messenger: http://messenger.msn.com

----------------------------------------------------------------------------
This list is provided by the SecurityFocus ARIS analyzer service.
For more information on this free incident handling, management
and tracking system please see: http://aris.securityfocus.com

• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]