O'Reilly logo

Advanced Penetration Testing for Highly-Secured Environments: The Ultimate Security Guide by Lee Allen

Stay ahead with the world's most comprehensive technology and business learning platform.

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, tutorials, and more.

Start Free Trial

No credit card required

SNMP: A goldmine of information just waiting to be discovered

Simple Network Management Protocol (SNMP) is commonly mismanaged by busy administrators and developers. Frequently, you will see default community strings, or community strings that are reused throughout the entire organization you are testing. You will want to ensure that your clients are using the most secure version of SNMP and that you cannot simply walk in to a building, unplug a phone, and sniff the community string. Newer versions of SNMP include strong encryption to avoid such flaws.

SNMPEnum

Luckily for us there are many tools available that make testing for SNMP simple. We will start off by using SNMPEnum which is a Perl script that can be found in BackTrack 5 R1 in the /pentest/enumeration/snmp/snmpenum ...

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, interactive tutorials, and more.

Start Free Trial

No credit card required