[Snort-users] dhcp assigned address and no ip on snort interface

Jason Haar Jason.Haar at ...294...
Thu Feb 21 17:36:09 EST 2002


On Thu, Feb 21, 2002 at 05:57:18PM -0600, pbsarnac at ...1799... wrote:
> aware of the risks when using this solution. According to
> http://www.cisco.com/warp/public/707/cisco-malformed-snmp-msgs-pub.shtml
> the pix is only vulnerable from the host specified in your snmp-server host
> config line, which should greatly reduce your risk, but if you should
> definitely plan on upgrading to a patched version at some point.

"Bzzzzzzzzt!"

I'm a frayed knot. :-)

Don't forget, SNMP uses UDP. Therefore the entire exploit can be spoofed...

[ignore the fact that the hacker has to successfully guess your snmp
management stations IP address of course...]

-- 
Cheers

Jason Haar

Information Security Manager
Trimble Navigation Ltd.
Phone: +64 3 9635 377 Fax: +64 3 9635 417




More information about the Snort-users mailing list