SecuObs.com - L'observatoire de la sécurité internet - Obtain system info type via SNMP infos

SecuToolBox : Bluetooth Stack Smasher v0.6 / Bluetooth Stack Smasher v0.8 / Slides Bluetooth Eurosec 2006 / Exposé vidéo Windows Shellcode - Kostya Kortchinsky / Exposé audio Reverse Engineering - Nicolas Brulez / Exposé vidéo Securitech - Pierre Betouin / WEP + Aircrack + Ubiquiti (MadWifi) 530 mW + Yagi / Secure WIFI WPA + EAP-TLS + Freeradius / Audit Windows / Captive Password Windows / USBDumper / USBDumper 2 / Hacking Hardware / WishMaster backdoor / DNS Auditing Tool / Ettercap SSL MITM / Exploit vulnérabilités Windows / Memory Dumper Kernel Hardening / Reverse Engineering / Scapy / SecUbuLIVE CD / Metasploit / eEye Blink Sec Center / eEye Retina Scanner

Détail du test :

ID	10800
Nom	Obtain system info type via SNMP
Auteurs	This script is Copyright (C) 2005-2007 Tenable Network Security
Catégorie	SNMP
Action	infos
Résumé	Enumerates system info via SNMP
Description	Synopsis : The System Information of the remote host can be obtained via SNMP. Description : It is possible to obtain the system information about the remote host by sending SNMP requests with the OID 1.3.6.1.2.1.1.1. An attacker may use this information to gain more knowledge about the target host. Solution : Disable the SNMP service on the remote host if you do not use it, or filter incoming UDP packets going to this port. Risk factor : None

Cliquer pour le detail - Liste des tests :

Obtain processes list via SNMP
Obtain system info type via SNMP
Enumerate routes via SNMP
D-Link DSL Broadband Modem
Enumerate Lanman services via SNMP
Enumerate Lanman shares via SNMP
Obtain installed software via SNMP
SNMP VACM
Enumerate Lanman users via SNMP
Discover HP JetDirect EWS Password via SNMP
Obtain Cisco type via SNMP
Obtain network interfaces list via SNMP
Default community names of the SNMP Agent

Cliquer pour le detail - liste des categories :

CISCO

Compte utilisateur unix par défaut

Acces root à distance

Acces shell à distance

General

Divers

Netware

Backdoors / chevaux de troie

NIS

Peer to Peer

Scanner de port

Fichiers en acces distant

RPC

Parametrage

Serveur de messagerie SMTP

SNMP

Services de moindre importance

Windows : Général

Windows : gestion des utilisateurs

Windows : Mises a jour

Debian : Mises a jour

Gentoo : Mises a jour

AIX : Mises a jour

Red Hat : Mises a jour

Mac OS X : Mises a jour

Slackware : Mises a jour

SuSE : Mises a jour

Mandrake : Mises a jour

Fedora : Mises a jour

Solaris : Mises a jour

FreeBSD : Mises a jour

HP-UX : Mises a jour

Ubuntu : Mises a jour

Mini-Tagwall des articles publiés sur SecuObs :

sécurité, windows, exploit, réseau, vulnérabilité, attaque, système, microsoft, virus, audit, internet, présentation, fonction, données, linux, outil, bluetooth, shell, gestion, trames, vista, wishmaster, sysun, paquets, metasploit, téléphone, engineering, fonctions + de mots clés avec l'annuaire des articles publiés sur SecuObs

Archives Failles Secunia :

- SA32774 Citrix XenServer Ext2/Ext3 Processing Security Bypass Vulnerability - SA32761 No-IP Linux Dynamic Update Client Buffer Overflow Vulnerability - SA32778 Ubuntu update for firefox, firefox-3.0, and xulrunner-1.9 - SA32659 E-topbiz Link Back Checker auth Cookie Security Bypass - SA32745 Free Directory Script API_HOME_DIR File Inclusion Vulnerability + d'archives failles avec Secunia et SecuMail

Archives Mailing Full Disclosure :

- Re: Full-disclosure Fredrick Diggle Security is looking for a few good men (or mediocre women) - Re: Full-disclosure Fwd: Three London hospitals have been forced to shut down their entire computer systems for at least 24 hours after being hit by a virus - Re: Full-disclosure Fwd: Three London hospitals have been forced to shut down their entire computer systems for at least 24 hours after being hit by a virus - Full-disclosure MDVSA-2008:220-1 kernel - Re: Full-disclosure Fwd: Three London hospitals have been forced to shut down their entire computer systems for at least 24 hours after being hit by a virus + d'archives Full Disclosure avec SecuMail

Archives Mailing Bugtraq :

- Re: Re: Re: Re: Opera 9.6x file:// overflow - Re: MDVSA-2008:232 dovecot - Re: Re: Re: Re: Opera 9.6x file:// overflow - MDVSA-2008:232 dovecot - Re: MDVSA-2008:231 libxml2 + d'archives Bugtraq avec SecuMail

Mini-Tagwall de l'annuaire video :

virus, spyware, vmware, firmware, biometric, lockpicking, wimax, password, kernel, malware, spammer, windows, iphone, symantec, phish, knoppix, adware, security, botnet, linux, tutorial, cryptography, internet, attack, wireshark, server, virtual, metasploit, intel, openbsd, hitbsecconf2006, protect, jailbreak, norton, ubuntu, rootkit, exploit, samsung, hijackthis, screen, ettercap, fingerprint, vista, flash, drive + de mots clés avec l'annuaire des videos

Mini-Tagwall des articles de la revue de presse :

security, microsoft, windows, vulnérabilité, network, google, vulnerability, hacker, attack, inject, remote, mobile, server, exploit, apple, internet, iphone, black, yahoo, sécurité, malware, vista, intel, patch, crypt, drive, access, protect, virtual, laptop, linux, source, biometric, research, ebook, business, virus, office, phish, adobe, chine, facebook, opera, flash, wireless + de mots clés avec l'annuaire de la revue de presse