Re: (ASCEND) Ascend Router SNMP Security Issues [Q]

To: "Nolan W. Bailey, Jr." <nolan@cp-tel.net>
Subject: Re: (ASCEND) Ascend Router SNMP Security Issues [Q]
From: Kit Knox <kit@connectnet.com>
Date: Tue, 17 Mar 1998 09:07:19 -0800 (PST)
cc: ascend-users@bungi.com
In-Reply-To: <3.0.5.32.19980317104948.007fc550@cp-tel.net>
Reply-To: Kit Knox <kit@connectnet.com>
Sender: owner-ascend-users@max.bungi.com

On Tue, 17 Mar 1998, Nolan W. Bailey, Jr. wrote:

| Basically, the SNMP security issue is that some users leave the default
| Ascend read/write password set to public and write?  Is that correct? 

Yes, this is correct.  Although even if changed to non-defaults, SNMP
community strings are sent cleartext.  A lot of people don't even know how
to set a telnet pw, let alone change their SNMP defaults.  You would be
amazed at how many people have it left at "public" and "write".

| Does SNMP Read access allow the user access to the "sysConfigTftp" option?  
| Or, is that a SNMP write function?

No.  It is a write function.  Anyone with CMU's snmpset, a tftp server,
and a copy of the ascend mib file can exploit this. 

-Kit



++ Ascend Users Mailing List ++
To unsubscribe:	send unsubscribe to ascend-users-request@bungi.com
To get FAQ'd:	<http://www.nealis.net/ascend/faq>

References:

(ASCEND) Ascend Router SNMP Security Issues [Q]

From: nolan@cp-tel.net (Nolan W. Bailey, Jr.)

Prev by Date: Re: (ASCEND) User not receiving IP address.
Next by Date: (ASCEND) quick question: 4048 & MP
Prev by thread: (ASCEND) Ascend Router SNMP Security Issues [Q]
Next by thread: Re: (ASCEND) Ascend Router SNMP Security Issues [Q]
Index(es):
- Main
- Thread