[Full-Disclosure] ucd-snmp - arbitrary query ?

From: cdowns (cdowns_at_drippingdead.com)
Date: 12/19/03

  • Next message: Shaolin Tiger: "Re: [Full-Disclosure] 13 NASA Servers Hacked" 
    To: full-disclosure@lists.netsys.com
Date: Fri, 19 Dec 2003 10:03:18 -0600

    Morning all,
        I have a strange thing going on with ucd-snmp-4.2.5-8.73.1 on redhat
    7.3.

        My snmpd.conf is configured as so ( very simple ):

        ## snmpd.conf
        rocommunity my_snmp_string dest_ip_address

        syscontact "cdowns@drippingdead.com"
        syslocation "linux_box_x closet"

        # eof

        now I thought that this machine would only talk to dest_ip_address
    with ro permissions, Now for some reason when I query from another
    machine on the network:

        snmpwalk linux_box_x -c public

        I get a partial snmp response and the its hangs till the connection
    finally drops.

        If i specify -c 1 my_snmp_string as you normally would with snmpwalk
    I get no response, This is what I expect to happen from an arbitrary
    ipaddress.

        Anyone have any ideas why ucd-snmp would do this ?? There may be
    something I dont understand but this is definately not right.

        I know ive seen ucd-snmp threads on system.sys errors and this is
    where its dying as well.. maybe its still lingering around.

    --- -Snip -----
    system.sysORTable.sysOREntry.sysORDescr.9 = The management information
    definitions for the SNMP User-based Security Model.
    system.sysORTable.sysOREntry.sysORUpTime.1 = Timeticks: (0) 0:00:00.00
    system.sysORTable.sysOREntry.sysORUpTime.2 = Timeticks: (0) 0:00:00.00
    system.sysORTable.sysOREntry.sysORUpTime.3 = Timeticks: (0) 0:00:00.00
    system.sysORTable.sysOREntry.sysORUpTime.4 = Timeticks: (0) 0:00:00.00
    system.sysORTable.sysOREntry.sysORUpTime.5 = Timeticks: (0) 0:00:00.00
    system.sysORTable.sysOREntry.sysORUpTime.6 = Timeticks: (0) 0:00:00.00
    system.sysORTable.sysOREntry.sysORUpTime.7 = Timeticks: (0) 0:00:00.00
    system.sysORTable.sysOREntry.sysORUpTime.8 = Timeticks: (0) 0:00:00.00
    system.sysORTable.sysOREntry.sysORUpTime.9 = Timeticks: (0) 0:00:00.00
    Timeout: No Response from linux_box_x
    [cdowns@Dripping cdowns]$

        Thanks all.

        ~!>D

    _______________________________________________
    Full-Disclosure - We believe in it.
    Charter: http://lists.netsys.com/full-disclosure-charter.html

  • Next message: Shaolin Tiger: "Re: [Full-Disclosure] 13 NASA Servers Hacked"

    Relevant Pages

    • Re: about socket with tci/ip
      ... > The clients and the server ask every 10 secondes, ... What is the reason for ...? ... it to or from the peers in a connection, you'll see no network traffic as ... cooperate with 'good code' and act appropriately in response to 'bad code'. ...
      (microsoft.public.win32.programmer.networks)
    • Re: Profiler sees very different durations for the same SQL select stmt of spid(s) from different c
      ... Our network team had assumed their responsibilities, ... query from query analyzer will definitely do. ... means connection issue or server issue. ... >> include the response time in network. ...
      (microsoft.public.sqlserver.server)
    • Re: polling an intranet for a device type
      ... Many thanks for your response. ... We have some new products that are network visible and can have any IP ... Alternatively I could query each individual IP address and monitor the ... If I were to ping each address I would ...
      (microsoft.public.dotnet.languages.csharp)
    • Re: Unique Identifier for a machine
      ... Thanks for your response! ... If you have the difficulty to query the Processor Serial number, ... the Network Adapter's MAC address should be a good choice... ...
      (microsoft.public.dotnet.general)
    • Re: Windows wont shut down if my applications hidden with notify icon showing in tray
      ... btw, you answered a query back in october giving me similar response but for ... some reason it didn't work for me then. ...
      (microsoft.public.dotnet.languages.csharp)