There is a vulnerability that is present in a hidden and undocumented common
string in some SNMP agents. The string allows a malicious user to to kill
any process, update routes, disable firewalls (by changing network routes),
and disable network interfaces.
If you do SNMP to the firewall I would suggest making it very restrictive as
to the hosts it responds to and the direction of the incoming requests as
well.
Lance
----- Original Message -----
From: "Jesper Wall" <[EMAIL PROTECTED]>
To: "Firewalls (E-mail)" <[EMAIL PROTECTED]>
Sent: Tuesday, September 05, 2000 7:40 AM
Subject: SNMP on firewalls
> Hi!
>
> Is it a stupid thing to use SNMP in read only mode on a firewall?
> I have a feeling that SNMP can be compromised, even if you run it in read
> only mode. Or?
>
> /Jesper
>
>
> -
> [To unsubscribe, send mail to [EMAIL PROTECTED] with
> "unsubscribe firewalls" in the body of the message.]
>
-
[To unsubscribe, send mail to [EMAIL PROTECTED] with
"unsubscribe firewalls" in the body of the message.]
