Bugtraq mailing list archives
Re: ISS Security Advisory: Wired-side SNMP WEP key exposure in 802.11b Access Points
From: hendy () team-teso net
Date: Fri, 29 Jun 2001 15:26:57 +0200
On Fri, Jun 22, 2001 at 05:47:27PM -0400, Brandon S. Allbery KF8NH wrote:
On Wednesday, June 20, 2001 17:32:53 -0500, Matthew Potter By default, yes; so is the Apple AirPort (I think these are all KarlBridge products in disguise). And SNMP is enabled by default because that's how they're configured.
right, and not only by default - you can _not_ disable snmp on karlbridge accesspoints (apple airport, rg1000..) (hey, if you'd disable it, you had no chance changing any setting but flushing the eeprom!).
I just change the password when I configure it for the first time.
first of all, the public snmp-community is still readable, if you change the password (just not writable anymore), and second, there are tools out there, which can easily brute-force snmp-communities (ADMsnmp, for example). those accesspoints don't ''slow-down'' if they're brute-forced, so you can easily go through a big dic-file :-) regards, -hendy / teso PS: the airport is fun. does anyone know what kind of OS runs on it? i am in need of some informations regarding this. could get very very interesting. -- . ,!. . _ ___ ___________________________________________________ __ _ . ,j't. hendy () team-teso org [TESO] or hendy () xentix homeip net [HOME] K=-=:: -=-> fax & vbox: [ +49-2561-959-556970 ] gsm/sms: [ +49-179-6443323 ] "=i.: [-' PGP: ``finger hendy () team-teso net'' [www.team-teso.net/hendy] /;:":.\ PGP Fprint: 5AAE 5111 2C39 5E86 9D45 70C3 CA8F 0C20 EF27 264A . ;}' '(, . _ ___ ____________________________________________________ . :wq!
Current thread:
- ISS Security Advisory: Wired-side SNMP WEP key exposure in 802.11 b Access Points ISS XForce (Jun 20)
- Re: ISS Security Advisory: Wired-side SNMP WEP key exposure in 802.11b Access Points Matthew Potter (Jun 22)
- Re: ISS Security Advisory: Wired-side SNMP WEP key exposure in 802.11b Access Points Brandon S. Allbery KF8NH (Jun 25)
- Re: ISS Security Advisory: Wired-side SNMP WEP key exposure in 802.11b Access Points hendy (Jun 29)
- Re: ISS Security Advisory: Wired-side SNMP WEP key exposure in 802.11b Access Points Matthew R. Potter (Jun 25)
- Re: ISS Security Advisory: Wired-side SNMP WEP key exposure in 802.11b Access Points Brandon S. Allbery KF8NH (Jun 25)
- Re: ISS Security Advisory: Wired-side SNMP WEP key exposure in 802.11b Access Points Matthew Potter (Jun 22)