Penetration Testing mailing list archives
Re: snmp
From: Frank Knobbe <frank () knobbe us>
Date: Mon, 27 Sep 2004 17:19:14 -0500
On Fri, 2004-09-24 at 15:39, R. DuFresne wrote:
You start by getting yer "get out of jail free card" from mgt. If you lack that, you are likely to get fired and then prosecuted.
I didn't read it like you did. It seemed to me that Juan wanted a tool that lists some info retrieved via SNMP Gets. With that list we would approach management, showing that you can query interface tables, etc, with a community string of "public". I didn't think that he wanted to "break into" and systems, or otherwise "pentest" it (even though he used that word in his request. Improper use of "pentest" in my book). I don't think he needs management approval or a JOOJF card to just list some stuff with snmpwalk. After all, the information is "public", right? As long as he doesn't circumvent counter-measures he should be fine. After all, he is the one responsible for security in his company. He would be one handing out the JOOJF cards ;) Cheers, Frank
Attachment:
signature.asc
Description: This is a digitally signed message part
Current thread:
- Re: snmp, (continued)
- Re: snmp Max (Sep 24)
- Re: snmp R. DuFresne (Sep 27)
- Re: snmp Frank Knobbe (Sep 24)
- Re: snmp Vijay Kumar (Sep 25)
- RE: snmp Victor Chapela (Sep 25)
- RE: snmp Dom (Sep 25)
- RE: snmp Alexandre Skyrme (Sep 26)
- Re: snmp R. DuFresne (Sep 27)
- RE: snmp Jeff Gercken (Sep 24)
- RE: snmp Burnett, Robert (Sep 24)
- Re: snmp H Carvey (Sep 24)
- RE: snmp Guillaume Lavoix (Sep 24)
- RE: snmp Todd Towles (Sep 24)
- RE: snmp Christopher Adickes (Sep 24)
- Re:snmp Ghaith Nasrawi (Sep 27)
- Re: Re:snmp Jose Maria Lopez (Sep 28)
- RE: snmp Harper, Patrick (Sep 28)
(Thread continues...)
- Re: snmp Max (Sep 24)