CERT SNMP Vulnerabilities

Started by wilnix, March 04, 2002, 02:27:20 PM

Previous topic - Next topic
 >:( Did anyone else have extra work the day this came out? Damn SNMP. Oh well, patches are in place now.

Need info?

http://www.cert.org/advisories/CA-2002-03.html

Wilnix
alt email address: wilnix@hackphreak.org

Somewhat. We have quite a few things that were affected by that little notice, but not many. My superiors where I work dont feel its nessisary to use SNMP so it didnt have much of an impact on us. Ive mostly been dealing with the damn Microsoft Advisories for IE and Office lately. Not fun when you have tons of users and the SMS Admin doesnt know what the hell hes doing so you basically cant push it via the server and have to go around to 1000+ workstations and install things manually.

The best part of all that is when the users claim that what you did made something stop working on thier machine somehow. The old "I dont know what you did but now this doesnt work since you changed things." Gotta love it.
"A well known hacker is a good hacker, an unknown hacker is a great hacker..."

I don't care what your parents told you, you aren't special.
  • https://github.com/tazinator

Taz, you have my sympathy... reminds me of HS. haha.
I had to go install shit, fix things, etc., on every damn machine (not as many as
that but erm.. it was enough to be a royal pain...)

Yes, they always complained... "Now it doesn't work"
Idiot users...
I actually have an archive of funny things.. I'll share it with the board if anyone wants
to see it...

the best one, though, is about a linux (ugh) box:

[somewhere] a Linux OS (I think it was RH or Mandrake.. uh whatever) and it was
left idle. Being the snoopy and bad type I had to look. I pull up a command prompt
and what do I see ? root prompt !!! hahaha
I could have done anything... being the nice person I am *evil grin* I logged off
haha
stupid idiots..


"My Terminal is my Soul"

Unfortunately, We use SNMP to show bandwidth utilization (mrtg) for the CFO here.

As far as idiot stories:

Research and Development hired a consultant to install some software for them on a Sun 220 for them. He starts doing his install and the weekend after my partner and I add etherchannel between our core switches (adding 4gbps). He complains the next day that his users (all 5 of them) are having connection problems to the apache service on his server and our change is what did it. I explain to him that we coudln't possibly have caused any trouble and even offer to help him fix it. It turns out the they connect to the apache service lightning fast but d/ling a 2k graphic or try to authenticate took over a minute. Immidiately I tell him that apache is doing reverse name lookups and he should check his conf file for HostnameLookups and turn it off. He argues with me so I prove it to him by adding a users machine to DNS. This fixes the problem. THREE DAYS LATER: He comes in upset, because he isn't getting any help from my partner (who is already mad at him and wont help him out anymore) and tells me to "humor" him and test the network by reconfiguring it. So I do.  FIVE HOURS LATER: I ask him "Look, do you mind if I just look at your httpd.conf file?" and he agrees. Immidiately I find : HostnameLookups On
I set this to Off, restart apache and everything beautiful.

This is a prime example of why I hate consultants. If you are going to get hired fo a job, know what the hell you are doing. I asked the director for five hours of his pay.

Wilnix
alt email address: wilnix@hackphreak.org

SMF spam blocked by CleanTalk