Bugtraq mailing list archives

Re: problem with SNMPc

From: cozzi () HERTZ RAD ND EDU (Marc Cozzi)
Date: Tue, 18 Jan 2000 18:09:04 -0500


Funny, I reported this to Castlerock several months ago. At that time they
showed
little intrrest in the problem. Indeed this does asks for a seed router to
start autodiscovery.
If you are new to the program, and who's not with a new version, it's
difficult to find
the configuration to turn the thing off! The multiple polls also seem to
crash some
Windows based FTP daemons.

-----Original Message-----
From: John Comeau [SMTP:jcomeau () DIALTONEINTERNET NET]
Sent: Monday, January 17, 2000 8:22 PM
To:   BUGTRAQ () SECURITYFOCUS COM
Subject:      Re: problem with SNMPc

Summary: Many people snmpwalking your border routers lately? SNMPc from
CastleRock Computing may be to blame; they responded promptly and
responsibly to my complaint - jc

John Sancho wrote:

I apologize for the inconvenience caused by our discovery mechanism.  We

are

currently in the process of changing the installation mechanism to

ensure

that users have control over the process before the initial startup.

This

new implementation will be in our next update within a few weeks.

I am not sure how we can post to "bugtraq".  Can you give me some more

info

about that ?  Or perhaps you could post my message to buqtraq on our

behalf.


regards - john

John J. Sancho
john () castlerock com

In the past 3 weeks, at least 4 users of your product were contacted

by

me because I found them trying to snmpwalk my border router. In each
case they blamed your software for scanning the Internet before

filters

could be applied. This will be construed as an attack by many
security-conscious network administrators. Please post to bugtraq (a
mailing list for security issues) a description of what SNMPc does and
what you are going to do to fix this errant behavior.

--
John Comeau - Chief Operating Officer
Dialtone Internet - Extremely Fast Web Systems
954-581-0097  fax://954-581-7629
jcomeau () dialtoneinternet net
http://www.dialtoneinternet.net

Current thread:

Re: problem with SNMPc John Comeau (Jan 17)
- <Possible follow-ups>
- Re: problem with SNMPc Marc Cozzi (Jan 18)
  - Re: problem with SNMPc Stefan Schneider (Jan 19)