Bugtraq mailing list archives
Netcache snmp behaviour
From: mdavids () CASEMA NET (Marco Davids)
Date: Wed, 7 Apr 1999 08:43:40 +0200
Hi, We noticed an unexpected behaviour on our NetApps C630 Netcache's. The problem even seems to exist in the latest software- release 3.3.1. The problem concerns the SNMP default community-name setting, which is set to 'public'. When changed into something else, using the webinterface, one might think that de default community-name is disabled. However, this is not the case. The new community-names are simply added to the existing default one. In other words; using the webinterface to enter extra community-names will _not_ disable the default. SNMP-Information can thereby still be retreived form the 'toaster'. This enables easy access to information you might not want to reveal. The only thing I could come up with to avoid this problem is to manually telnet into the Netcache, and issue the command: 'snmp delete ro community public' after every reboot. (this can only be done in the 'extended' command-mode) One could also edit /etc/rc and include this command, but please note that after every change through the web-interface this /etc/rc file is overwritten. Off course it is probably wise, although not allways an option, to restrict snmp-access at all, for instance by using router- accesslists. Cheers. Marco Davids +31(0)15 8881000 fax +31(0)15 8881099 N.V. Casema -- Internet NOC mailto:mdavids () casema net Systemadministrator http://www.casema.net/~mdavids
Current thread:
- Re: Possible local DoS in sendmail Anonymous (Mar 29)
- <Possible follow-ups>
- Possible local DoS in sendmail Lukasz Luzar (Apr 01)
- Re: Possible local DoS in sendmail KuRuPTioN (Apr 01)
- Re: Possible local DoS in sendmail Gregory Neil Shapiro (Apr 02)
- Re: Possible local DoS in sendmail Michał Szymański (Apr 02)
- Long-standing bug in AustNet IRC network Virtual World Grant Bayley (Apr 02)
- Re: Long-standing bug in AustNet IRC network Virtual World Paul McGovern (Apr 05)
- Re: Long-standing bug in AustNet IRC network Virtual World Henrik Edlund (Apr 06)
- Re: Long-standing bug in AustNet IRC network Virtual World Sean Kelly (Apr 07)
- Netcache snmp behaviour Marco Davids (Apr 06)
- Procmail version 3.13.1 released Philip Guenther (Apr 06)
- Digital Unix 4.0E /var permission Harhalakis Stefanos (Apr 04)
- ucd snmp vacm's public community access auth probs? + + (Apr 06)
- Re: Digital Unix 4.0E /var permission implosion (Apr 06)
- Re: Digital Unix 4.0E /var permission Harhalakis Stefanos (Apr 06)
- rsync 2.3.1 release - security fix Andrew Tridgell (Apr 07)