Hello all,
Sorry for the off topic, but this may affect some of you. If you want
further or updated info, subscribe to the SANS list.
Have fun!
Bart Nikota
------- Forwarded message follows -------
Date sent: Thu, 14 Feb 2002 17:31:57 -0700 (MST)
From: The SANS Institute <[EMAIL PROTECTED]>
Subject: SNMP Self-Test Tool Released
To: Bart Nikota <[EMAIL PROTECTED]>
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
An SNMP Self-Test Tool
Earlier this week, the National Infrastructure Protection Center
(NIPC)
issued an official Warning telling the world that 'action may be
required to prevent the possibility of criminal exploitation by
malicious hackers' who can exploit vulnerabilities of SNMP. Newer
data
showed that nearly every organization must take significant action
to
avoid the widespread vulnerability. However, many user
organizations do
not know which systems need to be patched or protected, because
they do
not know where SNMP is running. With the help of more than a
dozen
government and commercial and university testers and developers,
SANS
is providing a free software package that can immediately identify
where
the SNMP service is running on every system or device connected
to a
network.
Testing organizations around the world have been very positive
about
the tool. Here are some examples:
"The SNMPing tool is effectively identifying machines running
SNMP on
our network. I had tried two other port scanning tools (NSCAN and
NETLAB) that both failed to identify SNMP on our network."
"Took less then 30 seconds to unzip, run, get results."
"Very easy to install; Very Fast; Very useful."
"Installation, configuration and use are straightforward, and the
documentation is good. We've used it to scan about three fourths
of
our 70 class-C-size subnets. It is very fast, and we've found a few
rogue printers and other devices running SNMP. It's a lot faster
and
easier than running nmap for this specific purpose."
To get a copy, email [EMAIL PROTECTED] You'll get a note back
with
data on how to get the tool. We are using this method for
distribution
so we can inform you when any updates are provided in the tool.
You'll find more data on the tool below, followed by a couple of
extra
notes of useful free reports and tools.
Please do not forward this note beyond the employees of your
organization. We want to try to meet the needs of SANS alumni
and
coworkers before we start telling others about the tool.
Good hunting.
Alan Paller
Director of Research
Tool Description:
SNMPing is a tool that scans a TCP/IP network for devices
running an
SNMP daemon on port 161 (or a user specified port).
Usage:
The SNMPing user interface consists of a large list control and
several buttons. The list control is populated by IP addresses
returned
from a network scan that you initiate via the Scan button.
System Requirements:
SNMPing runs on Windows NT/2000.
ADMIN privileges are not required, however, it is expected that
users
of this tool should be network administrators.
This version (1.02b) includes a new feature that presents data in a
file
format that can be easily analyzed.
===
New OMB Security Report
If you have anything to do with government computing, you may
want to
read the new US Office of Management and Budget report on the
status
information security in 24 Federal agencies. We're telling you early
so you can get it before the OMB web site gets overwhelmed. (We
hope.)
It's 110 pages long, written by someone who clearly "gets it." The
agency summaries, however, seem to reflect a difficulty by the
inspector
general community to grasp what it takes to secure information
systems.
Fascinating reading for those with an interest in security of federal
systems.
http://www.whitehouse.gov/omb/pubpress/2002-05.html
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.0.6 (BSD/OS)
Comment: For info see http://www.gnupg.org
iD8DBQE8bE62+LUG5KFpTkYRAsR9AKCfJ+qXXWC04BRwupPX
XeFcIFNZ/gCfW6t8
0LjRO7K22x1XsNX6GFcEstA=
=DRaM
-----END PGP SIGNATURE-----
------- End of forwarded message -------
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
To subscribe to the digest version first unsubscribe, then
e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
