[c-nsp] Blocking SNMPv3 engine-id discovery [was: Re: How to disable ILMI/SNMP CSCvs33325]
Nathan Lannine
nathan.lannine at gmail.com
Thu Mar 2 11:24:07 EST 2023
On Wed, Sep 21, 2022 at 6:52 AM Simon Leinen via cisco-nsp <
cisco-nsp at puck.nether.net> wrote:
> Gert Doering writes:
> > On Wed, Sep 21, 2022 at 08:14:30AM +0300, Hank Nussbacher wrote:
> >> Indeed the SNMP leaks appear to be exactly CSCtw74132 which we did
> >> not know about nor did Cisco TAC :-(
>
Just wanted to say thanks to you all for this thread. Gave me a starting
point for mitigating this following a recent vuln scan result. My biggest
challenge though was figuring out how to validate a fix, which, turns out,
can be ascertained by a packet capture while running "snmpget -v3 <host>"
or by running nmap against it with the nmap snmp-info script.
Regards!
_N
More information about the cisco-nsp
mailing list