Penetration Testing mailing list archives
RE: SNMP False Positives
From: Leif Sawyer <lsawyer () gci com>
Date: Fri, 12 Apr 2002 13:55:00 -0800
Ben Klang replied to
Michael Cox, who on Thu, 2002-04-11 at 15:26, wrote:

>> I'm getting a lot of "default community string enabled" false positives
>> from Nessus, Retina, and verified with SNMPing.

> I have noticed similar responses from our HP-UX boxes. This includes
> HP-UX 10.20 and 11.00. Nessus reported that any string sent was a valid
> community name.

Which test are you using for nessus? The snmp_default_communities.nasl? If you are, it should return which of the default community strings it was able to use. (This is 1.0.10, anyway.)

I've heard tell of some snmp implementations which, even when you put in custom strings, would still respond to public/private queries. Sigh.

I'm not sure if there have been any bug fixes in the snmp tests for nessus, but if you're not running 1.0.10, consider upgrading, just for the fixes and additional tests...
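A way to check the "any string sent was a valid community name" behaviour discussed in this thread on a host you administer, as an added example that is not code from the posters or from Nessus: it sends an SNMPv1 GetRequest for sysDescr.0 with public, private and one random control community, then classifies the result. The function names are hypothetical, and any UDP reply is counted as an answer without parsing the response.

```python
import os
import socket
import sys

SYS_DESCR = bytes.fromhex("2b06010201010100")  # OID 1.3.6.1.2.1.1.1.0 (sysDescr.0)
DEFAULTS = ("public", "private")  # the two names mentioned in the thread


def tlv(tag, value):
    """BER tag-length-value, short-form length (enough for these packets)."""
    if len(value) > 127:
        raise ValueError("value too long for short-form length")
    return bytes([tag, len(value)]) + value


def build_get(community, request_id=1):
    """SNMPv1 GetRequest for sysDescr.0 using the given community string."""
    varbind = tlv(0x30, tlv(0x06, SYS_DESCR) + tlv(0x05, b""))
    pdu = tlv(0xA0, tlv(0x02, bytes([request_id])) + tlv(0x02, b"\x00")
              + tlv(0x02, b"\x00") + tlv(0x30, varbind))
    return tlv(0x30, tlv(0x02, b"\x00") + tlv(0x04, community.encode()) + pdu)


def answers(host, community, timeout=2.0):
    """True if the agent sends any reply to a GetRequest with this community."""
    with socket.socket(socket.AF_INET, socket.SOCK_DGRAM) as s:
        s.settimeout(timeout)
        s.sendto(build_get(community), (host, 161))
        try:
            s.recvfrom(4096)
            return True
        except OSError:  # timeout or ICMP port unreachable
            return False


def classify(default_hits, control_answered):
    """Interpret probe results; default_hits maps community -> replied?"""
    if control_answered:
        return "answers-any-string"  # a 'public' hit says nothing specific
    hits = sorted(c for c, ok in default_hits.items() if ok)
    return "default-accepted:" + ",".join(hits) if hits else "no-reply"


if __name__ == "__main__":
    host = sys.argv[1]
    control = os.urandom(8).hex()  # random name no agent should be configured with
    print(classify({c: answers(host, c) for c in DEFAULTS}, answers(host, control)))
```

An "answers-any-string" result means the scanner's default-community finding needs manual review of what the agent actually returns, since the reply does not depend on the community name sent.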