Re: SNMP to nmap?

[Emerson <nutter () technologist com>]

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

At 05:46 PM 12/17/98 -0800, Michael Dodwell wrote:
> Hey all,
>
>
> This might be a little beyond what people want from N-Map but would
it be
> possible to get a SNMP scanning option put into nmap? i currently use
a
> program called "IP Network Browser" by Solar Winds
(http://solarwinds.net/
> a GREAT tool if anyone wants to grab it), tho it currently runs on
Win9*.
> The amount of information you can get from your local router is a
joke. I
> belive a lot of admins don't realize how important it is to pick a
better
> community name from "public" or "private" (which most doc's tell you
to pick)

I don't know if this has been disscussedon this list before, but there
is an excellent set of SNMP widgets for TCL/TK in the form of scotty's
snmp widget set. SNMP is also scary because devices normally don't
bother the record the number of failed attempts to get in. So you can
effectively attempt to bruteforce a community string if you have the
time and inclination.

SNMP would add capability to nmap as SNMP gives away a whole load more
about the network than you could deduce from device fingerprinting.
Most vendors have extentions to MIB2 (the OID 1.3.6.1.4.1 gives the
enterprise portion of the MIB, a list of these proprietary MIB
varaibles would be bloody useful). The ability to get and then
possibly set these has all manner of possibilities.

Emerson
-----BEGIN PGP SIGNATURE-----
Version: PGPfreeware 5.5.3i for non-commercial use <http://www.pgpi.com>

iQA/AwUBNnn7vMYOYMPupBWBEQL+UQCg2iFz51qMI/AfBSd3MrLXlzS5r+YAoL2q
elzKXWK87zCoHMU4OFvb+Ygr
=Ttal
-----END PGP SIGNATURE-----

===
"When something good happens it's a miracle and you should wonder what god
is saving up for you next" - Marshall Brickman  

Emerson <nutter () technoogist com>
ICQ: 13396569
PGP pubkey available if you ask nicely