NMAP is a very limited tool in scanning routers and switches. If you have
determined in your network mapping that you have an abundant number of
routers and switches, one can most likely utilize a SNMP sweep looking for
specific SNMP fields and build your network map from there. etc, etc.. cheers
@SNMPFields = (
"ipAdEntAddr[\]",
"sysName",
"ipAdEntNetMask[\]",
"ipForwarding",
"sysObjectID",
"sysUpTime",
"sysLocation",
"sysDescr",
);
###################################################
# getSNMPFields
###################################################
sub getSNMPFields
{
my($node, $format, $sp0) = @_;
my($st);
$st = ""; $sp = " || ";
foreach $n (@SNMPFields) {
$n =~ s/\$NODEIP/$node/g;
if ($format) {
if ($st) {
$st .= $sp;
}
$st .= sprintf("%s",&snmp_get($COMMPORT,"$n"));
} else {
$st .= sprintf(" $n=%s\n",&snmp_get($COMMPORT,"$n"));
}
}
chomp($st);
$st =~ s/\"//g;
if ($sp0 eq "\",\"") {
$st =~ s/$sp/$sp0/g;
$st = "\"" . $st . "\"";
}
return $st;
}
The rest is left for an exercise for the reader.
"aui-tx-pm7.clec.net","nnn.nnn.nnn.nnn","noc","aui-tx-pm7.clec.net",1.3.6.1.4.1.9.1.188,"746144783","","Cisco
Internetwork Operating System Software \n\nIOS (tm) 5800 Software
(C5800-P4-M), Version 12.0(7)T, RELEASE SOFTWARE (fc2)\n\nCopyright (c)
1986-1999 by cisco Systems, Inc.\n\nCompiled Thu 09-Dec-99 00:42 by phanguye"
"bsg-ma-pm22.clec.net","nnn.nnn.nnn.nnn","noc","bsg-ma-pm22.clec.net",1.3.6.1.4.1.9.1.188,"311740070","","Cisco
Internetwork Operating System Software \n\nIOS (tm) 5800 Software
(C5800-P4-M), Version 11.3(10.6)AA, EARLY DEPLOYMENT MAINTENANCE INTERIM
SOFTWARE\n\nCopyright (c) 1986-1999 by cisco Systems, Inc.\n\nCompiled Fri
22-Oct-99 00:17 by sharpd"
"mvo-ca-usr10.clec.net","nnn.nnn.nnn.nnn","public","",1.3.6.1.4.1.429.2.9,"456884800","","U.S.
Robotics 17-Slot Chassis with PB clocking"
"mvo-ca-usr11.clec.net","nnn.nnn.nnn.nnn","public","",1.3.6.1.4.1.429.2.1,"456878200","","U.S.
Robotics 17-Slot Chassis"
For more information regarding scanning routers and switches:
The Simple Book: (Second Edition) by: Marshall T. Rose ISBN 0-13-177254-6
Prentice-Hall Copyright 1994
SNMP, SNMPv2 and CMIP: The Practical Guide to Network Management Standards
by: William Stallings (Addison-Wesley, 1993)
SNMP, SNMPv2 and RMON: Practical Network Management, Second Edition by
William Stallings Addison-Wesley, 1996 ISBN 0-201-63479-1
SNMP Application Developer's Guide by: Robert L. Townsend ISBN
0-442-01874-6 Van Nostrand Reinhold 115 Fifth Ave, NY, NY 10003
Understanding SNMP MIBs by: Perkins and McGinnis ISBN 0134377087 Prentice Hall
At 12:46 AM 11/26/00 -0500, Truman Boyes wrote:
>You may want to check with your vendor for new versions of software. There
>are usually a list of errata that are fixed in newer versions.
>
>If you want to make sure no services are listening on the router, you can
>port scan it with common tools like nmap.
>
>http://www.insecure.org/nmap
>
>
>cheers,
>.truman.boyes.
>
>On Fri, 24 Nov 2000, Timothy Koh wrote:
>
> > Hi,
> >
> > Is there any software to scan for vulnerability on the Router and Switches?
> >
> > Thanks,
> > Timothy
> > -
> > [To unsubscribe, send mail to [EMAIL PROTECTED] with
> > "unsubscribe firewalls" in the body of the message.]
> >
>
>-
>[To unsubscribe, send mail to [EMAIL PROTECTED] with
>"unsubscribe firewalls" in the body of the message.]
-
[To unsubscribe, send mail to [EMAIL PROTECTED] with
"unsubscribe firewalls" in the body of the message.]
