Return-Path: <sentto-279987-4456-1013750487-fc=all.net@returns.groups.yahoo.com> Delivered-To: fc@all.net Received: from 204.181.12.215 [204.181.12.215] by localhost with POP3 (fetchmail-5.7.4) for fc@localhost (single-drop); Thu, 14 Feb 2002 21:43:08 -0800 (PST) Received: (qmail 15508 invoked by uid 510); 15 Feb 2002 05:21:41 -0000 Received: from n33.groups.yahoo.com (216.115.96.83) by all.net with SMTP; 15 Feb 2002 05:21:41 -0000 X-eGroups-Return: sentto-279987-4456-1013750487-fc=all.net@returns.groups.yahoo.com Received: from [216.115.97.190] by n33.groups.yahoo.com with NNFMP; 15 Feb 2002 05:21:27 -0000 X-Sender: fc@red.all.net X-Apparently-To: iwar@onelist.com Received: (EGP: mail-8_0_2); 15 Feb 2002 05:21:26 -0000 Received: (qmail 56784 invoked from network); 15 Feb 2002 05:21:25 -0000 Received: from unknown (216.115.97.167) by m4.grp.snv.yahoo.com with QMQP; 15 Feb 2002 05:21:25 -0000 Received: from unknown (HELO red.all.net) (12.232.72.152) by mta1.grp.snv.yahoo.com with SMTP; 15 Feb 2002 05:21:25 -0000 Received: (from fc@localhost) by red.all.net (8.11.2/8.11.2) id g1F5fPi08039 for iwar@onelist.com; Thu, 14 Feb 2002 21:41:25 -0800 Message-Id: <200202150541.g1F5fPi08039@red.all.net> To: iwar@onelist.com (Information Warfare Mailing List) Organization: I'm not allowed to say X-Mailer: don't even ask X-Mailer: ELM [version 2.5 PL3] From: Fred Cohen <fc@all.net> X-Yahoo-Profile: fcallnet Mailing-List: list iwar@yahoogroups.com; contact iwar-owner@yahoogroups.com Delivered-To: mailing list iwar@yahoogroups.com Precedence: bulk List-Unsubscribe: <mailto:iwar-unsubscribe@yahoogroups.com> Date: Thu, 14 Feb 2002 21:41:25 -0800 (PST) Subject: [iwar] SNMP Self-Test Tool Released (fwd) Reply-To: iwar@yahoogroups.com Content-Type: text/plain; charset=US-ASCII Content-Transfer-Encoding: 7bit An SNMP Self-Test Tool Earlier this week, the National Infrastructure Protection Center (NIPC) issued an official Warning telling the world that 'action may be required to prevent the possibility of criminal exploitation by malicious hackers' who can exploit vulnerabilities of SNMP. Newer data showed that nearly every organization must take significant action to avoid the widespread vulnerability. However, many user organizations do not know which systems need to be patched or protected, because they do not know where SNMP is running. With the help of more than a dozen government and commercial and university testers and developers, SANS is providing a free software package that can immediately identify where the SNMP service is running on every system or device connected to a network. Testing organizations around the world have been very positive about the tool. Here are some examples: "The SNMPing tool is effectively identifying machines running SNMP on our network. I had tried two other port scanning tools (NSCAN and NETLAB) that both failed to identify SNMP on our network." "Took less then 30 seconds to unzip, run, get results." "Very easy to install; Very Fast; Very useful." "Installation, configuration and use are straightforward, and the documentation is good. We've used it to scan about three fourths of our 70 class-C-size subnets. It is very fast, and we've found a few rogue printers and other devices running SNMP. It's a lot faster and easier than running nmap for this specific purpose." To get a copy, email snmptool@sans.org. You'll get a note back with data on how to get the tool. We are using this method for distribution so we can inform you when any updates are provided in the tool. You'll find more data on the tool below, followed by a couple of extra notes of useful free reports and tools. Please do not forward this note beyond the employees of your organization. We want to try to meet the needs of SANS alumni and coworkers before we start telling others about the tool. Good hunting. Alan Paller Director of Research Tool Description: SNMPing is a tool that scans a TCP/IP network for devices running an SNMP daemon on port 161 (or a user specified port). Usage: The SNMPing user interface consists of a large list control and several buttons. The list control is populated by IP addresses returned from a network scan that you initiate via the Scan button. System Requirements: SNMPing runs on Windows NT/2000. ADMIN privileges are not required, however, it is expected that users of this tool should be network administrators. This version (1.02b) includes a new feature that presents data in a file format that can be easily analyzed. === New OMB Security Report If you have anything to do with government computing, you may want to read the new US Office of Management and Budget report on the status information security in 24 Federal agencies. We're telling you early so you can get it before the OMB web site gets overwhelmed. (We hope.) It's 110 pages long, written by someone who clearly "gets it." The agency summaries, however, seem to reflect a difficulty by the inspector general community to grasp what it takes to secure information systems. Fascinating reading for those with an interest in security of federal systems. http://www.whitehouse.gov/omb/pubpress/2002-05.html ------------------------ Yahoo! Groups Sponsor ---------------------~--> Sponsored by VeriSign - The Value of Trust Do you need to encrypt all your online transactions? Find the perfect solution in this FREE Guide from VeriSign. http://us.click.yahoo.com/vCuuSA/UdiDAA/yigFAA/kgFolB/TM ---------------------------------------------------------------------~-> ------------------ http://all.net/ Your use of Yahoo! Groups is subject to http://docs.yahoo.com/info/terms/
This archive was generated by hypermail 2.1.2 : 2002-12-31 02:15:03 PST