Cisco SNMP configuration attack with a GRE tunnel

by Mati Aharoni, William M. Hidalgo
Sept. 25, 2017 1 comment Symantec Pen Testing & Audits cisco snmp

Throughout our education as system administrators, SNMP is often a topic that eludes us. One might have a vague understanding of what it's used for, and a general sense of security around some vague concept that it's read-only information. It is easy to be surprised when one first sees the output of an SNMP enumeration tool such as SNMP-Enum (by Filip Waeytens), when it's run against a Windows 2000 Server with the default SNMP service enabled. The wealth of information collected might leave an administrator stumped, and soon realize that SNMP holds many possibilities within. SNMP may just remind the reader of the movie "The Matrix" in the way it's used to constantly probe devices, looking for anomalies. Remember when Neo takes the red pill, and the Matrix spits him out as a reject? Think of a final SNMP SET command as the one that opens Neo's bio chamber doors...

https://www.symantec.com/connect/articles/cisco-snmp-configuration-attack-gre-tunnel

Avatar
2flash 4 months, 3 weeks ago

A bit hard to understand but you can see that a lot of effort was put into writing it. Nice work!

Reply