netcache.snmp.public.txt

1999-08-17T00:00:00
ID PACKETSTORM:12049
Type packetstorm
Reporter Packet Storm
Modified 1999-08-17T00:00:00

Description

                                        
                                            `Date: Wed, 7 Apr 1999 08:43:40 +0200  
From: Marco Davids <mdavids@CASEMA.NET>  
To: BUGTRAQ@netspace.org  
Subject: Netcache snmp behaviour  
  
Hi,  
  
We noticed an unexpected behaviour on our NetApps C630  
Netcache's. The problem even seems to exist in the latest software-  
release 3.3.1.  
  
The problem concerns the SNMP default community-name setting,  
which is set to 'public'.  
  
When changed into something else, using the webinterface, one  
might think that de default community-name is disabled. However,  
this is not the case. The new community-names are simply added  
to the existing default one. In other words; using the webinterface  
to enter extra community-names will _not_ disable the default.  
  
SNMP-Information can thereby still be retreived form the 'toaster'.  
This enables easy access to information you might not want to  
reveal.  
  
The only thing I could come up with to avoid this problem is to  
manually telnet into the Netcache, and issue the command: 'snmp  
delete ro community public' after every reboot.  
(this can only be done in the 'extended' command-mode)  
  
One could also edit /etc/rc and include this command, but please  
note that after every change through the web-interface this /etc/rc  
file is overwritten.  
  
Off course it is probably wise, although not allways an option, to  
restrict snmp-access at all, for instance by using router-  
accesslists.  
  
Cheers.  
  
  
  
  
  
Marco Davids +31(0)15 8881000 fax +31(0)15 8881099  
N.V. Casema -- Internet NOC mailto:mdavids@casema.net  
Systemadministrator http://www.casema.net/~mdavids  
  
`