SNMP – a goldmine of information just waiting to be discovered

Simple Network Management Protocol (SNMP) is commonly mismanaged by busy administrators and developers. Frequently, you will see default community strings or community strings that are reused throughout the entire organization you are testing. You will want to ensure that your clients are using the most secure version of SNMP and that you cannot simply walk in to a building, unplug a phone, and sniff the community string. Newer versions of SNMP include strong encryption to avoid such flaws.

When the SNMP community string is NOT "public"

More than likely you will not find many community strings that are set at default. That is when you must dig into your toolset and earn your pay. There ...

Get Advanced Penetration Testing for Highly-Secured Environments - Second Edition now with the O’Reilly learning platform.

O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.

Start your free trial

Advanced Penetration Testing for Highly-Secured Environments - Second Edition by Lee Allen, Kevin Cardwell

SNMP – a goldmine of information just waiting to be discovered

When the SNMP community string is NOT "public"

Don’t leave empty-handed

It’s yours, free.

Check it out now on O’Reilly