Penetration Testing mailing list archives
Re: [PEN-TEST] Subnet Discovery...
From: Jason Ellison <infotek () DATASYNC COM>
Date: Wed, 21 Mar 2001 02:51:29 -0600
I noticed that sending an SNMP request to the network IP address of an aliased tokenring adapter on a Cisco router causes the packet to be resent to MAC ff:ff:ff:ff:ff:ff, IP 255.255.255.255:snmp, out the tokenring adapter. This causes all IP network devices on the tokenring network to receive the SNMP request. I noticed when an AIX box that did not have an IP address on the particular network being queried was responding to the SNMP request.

    snmpwalk 192.168.64.8 public system.*

Getting responses from all devices on the physical tokenring network.

This is the packet sent from the Linux box:

    0:12:29.886261 192.168.1.1.4440 > 198.208.64.8.161: GetNextRequest(26) .1.3.6.1.2.1.1

and the packet seen on the tokenring network:

    00:38:43.292027326 0:6:7c:9a:68:85 ff:ff:ff:ff:ff:ff 0800 91: 192.168.1.1.4440 > 255.255.255.255.161:GetNextRequest(15) [|snmp]
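A detection check for the behaviour described above, as an added example that is not part of the original post: it reads link-level tcpdump lines in the layout quoted in the message and reports SNMP packets that arrive as a broadcast on the segment while carrying a source address from outside it. The segment prefix `192.168.64.0/24`, the function name and every sample line except the first are assumptions constructed for the example.

```python
import ipaddress
import re

# Link-level tcpdump layout used in the post:
# time, src MAC, dst MAC, ethertype, length, "src.port > dst.port:payload"
LINE_RE = re.compile(
    r"^(?P<ts>\S+)\s+(?P<smac>[0-9a-f:]+)\s+(?P<dmac>[0-9a-f:]+)\s+\S+\s+\d+:\s+"
    r"(?P<src>\d+(?:\.\d+){3})\.(?P<sport>\d+)\s+>\s+"
    r"(?P<dst>\d+(?:\.\d+){3})\.(?P<dport>\d+):",
    re.I,
)
BROADCAST_MAC = "ff:ff:ff:ff:ff:ff"
LOCAL_NET = "192.168.64.0/24"  # assumed prefix of the monitored segment

SAMPLE = [
    # Line quoted in the post: off-segment source, broadcast destination.
    "00:38:43.292027326 0:6:7c:9a:68:85 ff:ff:ff:ff:ff:ff 0800 91: "
    "192.168.1.1.4440 > 255.255.255.255.161:GetNextRequest(15) [|snmp]",
    # Constructed: broadcast SNMP from a host that is on the segment.
    "00:38:44.100000000 0:4:ac:11:22:33 ff:ff:ff:ff:ff:ff 0800 91: "
    "192.168.64.20.1030 > 255.255.255.255.161: GetNextRequest(15) [|snmp]",
    # Constructed: ordinary routed unicast SNMP request.
    "00:38:45.200000000 0:6:7c:9a:68:85 0:4:ac:11:22:33 0800 91: "
    "192.168.1.1.4441 > 192.168.64.9.161: GetNextRequest(15) [|snmp]",
]

def forwarded_snmp_broadcasts(lines, local_net):
    """Return SNMP packets broadcast on the segment whose source is off-segment."""
    net = ipaddress.ip_network(local_net)
    bcast_ips = {ipaddress.ip_address("255.255.255.255"), net.broadcast_address}
    hits = []
    for line in lines:
        m = LINE_RE.match(line.strip())
        if not m or m["dmac"].lower() != BROADCAST_MAC or m["dport"] != "161":
            continue
        src, dst = ipaddress.ip_address(m["src"]), ipaddress.ip_address(m["dst"])
        # A broadcast from an address outside the segment must have been routed in;
        # the frame's source MAC is the device that put it on the wire.
        if dst in bcast_ips and src not in net:
            hits.append({"time": m["ts"], "router_mac": m["smac"].lower(),
                         "src": str(src), "dst": str(dst)})
    return hits

if __name__ == "__main__":
    for hit in forwarded_snmp_broadcasts(SAMPLE, LOCAL_NET):
        print(hit)
```

Lines without link-level fields, such as the capture taken on the sending host, do not match the pattern and are skipped.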