The Register® — Biting the hand that feeds IT

Scanning for SNMP vulnerabilities

Sysadmins' corner

Tune into our application security webcast, click here

SANS has released a scanning tool called SNMPing which will find SNMP daemons running on a TCP/IP network. It defaults to port 161, but you can enter the port of your choice.

The good news is that it's small and effective. The bad news is that it only runs on WinNT/2K.

You can use TCP dump to log your attempts. You'll find that some devices can be protected with hard-to-guess community names, and that others can't, so get the straight dope on all your devices.

In order to send bulletins about upgrades and bugs to users of the tool, SANS prefers that you e-mail them here to get it. It's automated and takes only a minute to get a reply. We'll just go ahead and not mirror the file, since that actually makes good sense.

Keep in mind that the blackhats undoubtedly have this tool and are happily scanning networks as I type. So use it, see?

That is all. ®

See what The Register's experts have to say on application security

Don’t Miss

Win a Samsung C6625!

Reg Lucky Draw Windows Mobile handsets up for grabs

Palm_Pre_001_SMIs your cameraphone an oxymoron?

Pic Review iPhone 3G v iPhone 3GS v Palm Pre

Reg black vulture logoReg Mobile and Wireless newsletter is go! go! go!

Site news Email-tasm

Sign up, sign up for The Register IT security newsletter

Narrowcasting for the email classes