Re: Trojan attacking our switches
From: dreamwvr@dreamwvr.com
Date: 03/21/03
- Previous message: Charles Polisher: "Trojan attacking our switches"
- In reply to: Charles Polisher: "Trojan attacking our switches"
- Next in thread: Mike Hoskins: "Re: Trojan attacking our switches"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Fri, 21 Mar 2003 10:03:56 -0700 From: "dreamwvr@dreamwvr.com" <dreamwvr@dreamwvr.com> To: incidents@securityfocus.com
On Thu, Mar 20, 2003 at 05:50:34PM -0800, Charles Polisher wrote:
> Telnetting into our HP Procurve 2524 switch
> shows an ongoing attempt to brute-force the
> SNMP community (public, of course). HP apparently
> does not provide a method for disbling SNMP, and
> we're going to have to visit all 93 switches
> in person to set a strong password -- yes, it had
> been left blank!
Well they might not need to try brute forcing your
community strings since you did say you telneted over.
That could easily produce a game over scenario.
-- /* Security is a work in progress - dreamwvr */ # # Note: To begin Journey type man afterboot,man help,man hier[.] # // "Who's Afraid of Schrodinger's Cat?" /var/(.)?mail/me \? ;-] ---------------------------------------------------------------------------- <Pre>Lose another weekend managing your IDS? Take back your personal time. 15-day free trial of StillSecure Border Guard.</Pre> <A href="http://www.securityfocus.com/stillsecure"> http://www.securityfocus.com/stillsecure </A>
- Previous message: Charles Polisher: "Trojan attacking our switches"
- In reply to: Charles Polisher: "Trojan attacking our switches"
- Next in thread: Mike Hoskins: "Re: Trojan attacking our switches"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
