[iwar] SNMP Self-Test Tool Released (fwd)

From: Fred Cohen (fc@all.net)
Date: 2002-02-14 21:41:25


Return-Path: <sentto-279987-4456-1013750487-fc=all.net@returns.groups.yahoo.com>
Delivered-To: fc@all.net
Received: from 204.181.12.215 [204.181.12.215] by localhost with POP3 (fetchmail-5.7.4) for fc@localhost (single-drop); Thu, 14 Feb 2002 21:43:08 -0800 (PST)
Received: (qmail 15508 invoked by uid 510); 15 Feb 2002 05:21:41 -0000
Received: from n33.groups.yahoo.com (216.115.96.83) by all.net with SMTP; 15 Feb 2002 05:21:41 -0000
X-eGroups-Return: sentto-279987-4456-1013750487-fc=all.net@returns.groups.yahoo.com
Received: from [216.115.97.190] by n33.groups.yahoo.com with NNFMP; 15 Feb 2002 05:21:27 -0000
X-Sender: fc@red.all.net
X-Apparently-To: iwar@onelist.com
Received: (EGP: mail-8_0_2); 15 Feb 2002 05:21:26 -0000
Received: (qmail 56784 invoked from network); 15 Feb 2002 05:21:25 -0000
Received: from unknown (216.115.97.167) by m4.grp.snv.yahoo.com with QMQP; 15 Feb 2002 05:21:25 -0000
Received: from unknown (HELO red.all.net) (12.232.72.152) by mta1.grp.snv.yahoo.com with SMTP; 15 Feb 2002 05:21:25 -0000
Received: (from fc@localhost) by red.all.net (8.11.2/8.11.2) id g1F5fPi08039 for iwar@onelist.com; Thu, 14 Feb 2002 21:41:25 -0800
Message-Id: <200202150541.g1F5fPi08039@red.all.net>
To: iwar@onelist.com (Information Warfare Mailing List)
Organization: I'm not allowed to say
X-Mailer: don't even ask
X-Mailer: ELM [version 2.5 PL3]
From: Fred Cohen <fc@all.net>
X-Yahoo-Profile: fcallnet
Mailing-List: list iwar@yahoogroups.com; contact iwar-owner@yahoogroups.com
Delivered-To: mailing list iwar@yahoogroups.com
Precedence: bulk
List-Unsubscribe: <mailto:iwar-unsubscribe@yahoogroups.com>
Date: Thu, 14 Feb 2002 21:41:25 -0800 (PST)
Subject: [iwar] SNMP Self-Test Tool Released (fwd)
Reply-To: iwar@yahoogroups.com
Content-Type: text/plain; charset=US-ASCII
Content-Transfer-Encoding: 7bit

An SNMP Self-Test Tool

Earlier this week, the National Infrastructure Protection Center (NIPC)
issued an official Warning telling the world that 'action may be
required to prevent the possibility of criminal exploitation by
malicious hackers' who can exploit vulnerabilities of SNMP.  Newer data
showed that nearly every organization must take significant action to
avoid the widespread vulnerability. However, many user organizations do
not know which systems need to be patched or protected, because they do
not know where SNMP is running.  With the help of more than a dozen
government and commercial and university testers and developers, SANS
is providing a free software package that can immediately identify where
the SNMP service is running on every system or device connected to a
network.

Testing organizations around the world have been very positive about
the tool. Here are some examples:

"The SNMPing tool is effectively identifying machines running SNMP on
our network.  I had tried two other port scanning tools (NSCAN and
NETLAB) that both failed to identify SNMP on our network."

"Took less then 30 seconds to unzip, run, get results."

"Very easy to install; Very Fast; Very useful."

"Installation, configuration and use are straightforward, and the
documentation is good.  We've used it to scan about three fourths of
our 70 class-C-size subnets.  It is very fast, and we've found a few
rogue printers and other devices running SNMP.  It's a lot faster and
easier than running nmap for this specific purpose."

To get a copy, email snmptool@sans.org.  You'll get a note back with
data on how to get the tool.  We are using this method for distribution
so we can inform you when any updates are provided in the tool.

You'll find more data on the tool below, followed by a couple of extra
notes of useful free reports and tools.

Please do not forward this note beyond the employees of your
organization. We want to try to meet the needs of SANS alumni and
coworkers before we start telling others about the tool.

Good hunting.

Alan Paller
Director of Research

Tool Description:
     SNMPing is a tool that scans a TCP/IP network for devices running an
SNMP daemon on port 161 (or a user specified port).
Usage:
     The SNMPing user interface consists of a large list control and
several buttons. The list control is populated by IP addresses returned
from a network scan that you initiate via the Scan button.

System Requirements:
SNMPing runs on Windows NT/2000.  
ADMIN privileges are not required, however, it is expected that users
of this tool should be network administrators.

This version (1.02b) includes a new feature that presents data in a file
format that can be easily analyzed.

===

New OMB Security Report 
If you have anything to do with government computing, you may want to
read the new US Office of Management and Budget report on the status
information security in 24 Federal agencies.  We're telling you early
so you can get it before the OMB web site gets overwhelmed. (We hope.)
It's 110 pages long, written by someone who clearly "gets it."  The
agency summaries, however, seem to reflect a difficulty by the inspector
general community to grasp what it takes to secure information systems.
Fascinating reading for those with an interest in security of federal
systems.
http://www.whitehouse.gov/omb/pubpress/2002-05.html

------------------------ Yahoo! Groups Sponsor ---------------------~-->
Sponsored by VeriSign - The Value of Trust
Do you need to encrypt all your online transactions? Find
the perfect solution in this FREE Guide from VeriSign.
http://us.click.yahoo.com/vCuuSA/UdiDAA/yigFAA/kgFolB/TM
---------------------------------------------------------------------~->

------------------
http://all.net/ 

Your use of Yahoo! Groups is subject to http://docs.yahoo.com/info/terms/ 



This archive was generated by hypermail 2.1.2 : 2002-12-31 02:15:03 PST