[plug] Determining ip address

Craig Ringer craig at postnewspapers.com.au
Wed Dec 17 18:00:03 WST 2003


James Devenish wrote:
> In message <20031217091310.GE3173 at erdos.home>
> on Wed, Dec 17, 2003 at 05:13:10PM +0800, Cameron Patrick wrote:
> 
>>I have no idea what most of the fields it dumped at me meant, but the
>>disturbing bit is that it seems as though the password it uses to log
>>in to the ISP is stored in cleartext and can be retrieved via SNMP
>>with no authentication whatsoever. Ack!
> 
>  - It probably just supports the 'public' community string meaning "all
>    read access" :)

You can hopefully change this to some `pwgen`-provided gibberish. More 
importantly, hopefully there is no write support or write support is 
disabled. If you can snmpwalk with '-c private' then it's probably time 
to look at the web interface or serial console and see if you can change 
that community name.

>  - It is in one way not surprising, because the use of SNMP and useful
>    community strings is typically done in a "secure" network environment
>    (what's a community string, anyway...).

Totally insecure. Alas, most devices don't even implement snmp 2 (any 
variant of), and I've never seen snmp3 support outside net-snmp yet.

Cameron Patrick wrote:
 > Oooh, I just tried that on the cruddy D-Link ADSL modem at home and it
 > spat pages on end of stuff at me.  Having never used SNMP before, it
 > surprised me that it was (a) supported and (b) less of a black art
 > involving dribbly candles than I had previously expected...  You learn
 > something new every day, as they say.  I have no idea what most of the
 > fields it dumped at me meant,

This command may give you a slightly more controlled level of output, 
restricted to network interfaces and closely related info:

snmpwalk -v 1 -c public $HOSTNAME .iso.org.dod.internet.mgmt.mib-2.ip

 > but the disturbing bit is that it seems as
 > though the password it uses to log in to the ISP is stored in cleartext
 > and can be retrieved via SNMP with no authentication whatsoever.

Woohoo. Time to see if you can at least change the community strings.

 > (Although thinking about it, that's probably the case via the web
 > interface too...)

I know that my Alcatel DSL modem (it's actually the Pro router, but I've 
crippled its brains because I don't want it doing PPPoE) has a web 
interface and console password, as does my nice new D-Link 802.11b AP. 
I'd be surprised if your modem didn't.

OTOH, too often it's "admin" with no password. *sigh*. My new AP 
actually forced me to change the password before it'd do anything - I 
was delighted.

Craig Ringer
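
Added example, not part of the original message: a small shell audit for checking one of your own devices for the default 'public' and 'private' community strings discussed in this thread. It assumes net-snmp's snmpget is installed; the function names and the SNMPGET override variable are made up for this illustration.

```shell
#!/bin/sh
# Check whether a device you administer still answers to the default
# SNMP v1 community strings. Source this file, then: audit_defaults <host>

# Assumption: net-snmp's snmpget is on PATH. SNMPGET is overridable so the
# reporting logic can be exercised without a device on the network.
SNMPGET="${SNMPGET:-snmpget}"
SYSDESCR=".1.3.6.1.2.1.1.1.0"   # sysDescr.0, served by practically every agent

# community_accepted HOST COMMUNITY -> exit status 0 if the agent answers.
# One retry and a 2 second timeout: a wrong community string is silently
# dropped by the agent, so "no answer" is the normal negative result.
community_accepted() {
    "$SNMPGET" -v 1 -c "$2" -t 2 -r 1 "$1" "$SYSDESCR" >/dev/null 2>&1
}

# audit_defaults HOST -> prints one finding per line and returns the number
# of default communities still accepted (0 means neither default works).
audit_defaults() {
    host=$1
    found=0
    for community in public private; do
        if community_accepted "$host" "$community"; then
            found=$((found + 1))
            case $community in
                public)
                    echo "$host: default community 'public' accepted; change it" ;;
                private)
                    echo "$host: default community 'private' accepted; check whether write support is enabled, then change or disable it" ;;
            esac
        fi
    done
    if [ "$found" -eq 0 ]; then
        echo "$host: no default community accepted"
    fi
    return "$found"
}
```

A return value of 2 means both defaults are live, which is the case where changing the community names from the web interface or serial console matters most.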



