Login or Register to Ask a Question and Join Our Community


Cybersecurity

SNMP Vulnerability

Login to Discuss or Reply to this Discussion in Our Community

 
Thread Tools Search this Thread
Special Forums Cybersecurity SNMP Vulnerability
# 1  
Old 02-12-2002
SNMP Vulnerability
SNMP Vulnerability:

In a few minutes wire services and other news sources will begin
breaking a story about widespread vulnerabilities in SNMP (Simple
Network Management Protocol). Exploits of the vulnerability cause
systems to fail or to be taken over. The vulnerability can be found in
more than a hundred manufacturers' systems and is very widespread -
millions of routers and other systems are involved.

Your leadership is needed in making sure that all systems for which you
have any responsibility are protected. To do that, first ensure that
SNMP is turned off. If you absolutely must run SNMP, get the patch from
your hardware or software vendor. They are all working on patches right
now. It also makes sense for you to filter traffic destined for SNMP
ports (assuming the system doing the filtering is patched).

Action:
To block SNMP access, block traffic to ports 161 and 162 for tcp and
udp. In addition, if you are using Cisco, block udp for port 1993.
http://www.cert.org/advisories/CA-2002-02.html
# 2  
Old 02-13-2002
They have been talking about this on the Incidents mailing list since last Thursday.

I can't think of any real good reason to have your SNMP traffic reachable from any public network anyway...

Many vendors are already releasing patches (Sun, a few Linux vendors, SGI, etc...). Keep your eye out on Bugtraq and Incidents for more late-breaking news.
Login or Register to Ask a Question

Previous Thread | Next Thread

5 More Discussions You Might Find Interesting

1. UNIX for Dummies Questions & Answers

Need to transfer all kernel logs (var/log/messages) to the snmp listener as snmp trap

i am working with embedded system -Dell DCS management sub system. my question is as below: currently we are using linux kernel 2.6.30 build and we have a kernel logs stored to the /var/log/messages path. now we have to transfer all this logs to the specified SNMP target as a part of SNMP... (4 Replies)
Discussion started by: vipul_prajapati
4 Replies

2. Infrastructure Monitoring

SNMP traps to SNMP server

Dear Champs, I am new to unix, and need to configure linux server to send below traps to a SNMP server. Monitoring TRAP Disk Space Low Monitoring TRAP Memory Low Monitoring TRAP CPU high Monitoring TRAP Admin login/Logoff Please help me how to send this information to my SNMP server... (2 Replies)
Discussion started by: stavar
2 Replies

3. IP Networking

SNMP Problem - SNMP not getting to the agent.

I am having a problem with an SNMP event, and I am not sure where I should be looking to solve this problem. Description: There is an SNMP event in our system that for one reason or another is not getting sent out as an email because it is never getting to our SNMP agent. I see where the... (0 Replies)
Discussion started by: broberts
0 Replies

4. Red Hat

Sending data from DELL OMSA SNMP and Custom SNMP MIB to same UDP port 161

Hi , Currently DELL OMSA SNMP sends data through default udp port 161.I want my custom SNMP MIB also to send data in the same udp port 161.Whether its possible.If yes where to configure .I tried starting my custom MIB in udp port 161,but it throws port already in use.Kindly guide. (1 Reply)
Discussion started by: prabakar4all
1 Replies

5. IP Networking

Sending data from DELL OMSA SNMP and Custom SNMP MIB to same UDP port 161

Hi , Currently DELL OMSA SNMP sends data through default udp port 161.I want my custom SNMP MIB also to send data in the same udp port 161.Whether its possible.If yes where to configure .I tried starting my custom MIB in udp port 161,but it throws port already in use.Kindly guide. (0 Replies)
Discussion started by: prabakar4all
0 Replies
Login or Register to Ask a Question