[plug] Determining ip address
Cameron Patrick
cameron at patrick.wattle.id.au
Wed Dec 17 18:24:59 WST 2003
On Wed, Dec 17, 2003 at 06:00:03PM +0800, Craig Ringer wrote:
| If you can snmpwalk with '-c private' then it's probably time to look
| at the web interface or serial console and see if you can change that
| community name.
Well, it looks as though I can. What is the significance of this,
besides it being Bad? :-/
| Cameron Patrick wrote:
| > Oooh, I just tried that on the cruddy D-Link ADSL modem at home and it
| > spat pages on end of stuff at me. Having never used SNMP before, it
| > surprised me that it was (a) supported and (b) less of a black art
| > involving dribbly candles than I had previously expected... You learn
| > something new every day, as they say. I have no idea what most of the
| > fields it dumped at me meant,
|
| This command may give you a slightly more controlled level of output,
| restricted to network interfaces and closely related info:
|
| snmpwalk -v 1 -c public $HOSTNAME .iso.org.dod.internet.mgmt.mib-2.ip
Good lord. This is where those dribbly candles make their return, I see :-)
The output still looks like so much gibberish, but at least there's less
of it this time.
May I assume that MIB-2 is not a reference to the movie, then? :-P
| > but the disturbing bit is that it seems as
| > though the password it uses to log in to the ISP is stored in cleartext
| > and can be retrieved via SNMP with no autentication whatsoever.
|
| Woohoo. Time to see if you can at least change the community strings.
Yeah. And/or figure out how to set up pppoe on my linux box, it'd probably
reduce pain and suffering in the long run.
| > (Although thinking about it, that's probably the case via the web
| > interface too...)
|
| I know that my Alcatel DSL modem (it's actually the Pro router, but i've
| crippled it's brains because I don't want it doing PPPoE) has a web
| interface and console password, as does my nice new D-Link 802.11b AP.
| I'd be surprised if your modem didn't.
*sigh* This one doesn't appear to have any way to set a password from
the web interface, or to change the community string. (I take that's the
SMTP equivalent of a password, and what goes with the -c option?) Maybe
I'll give the serial console a go, but I really can't be bothered
shifting my NULL modem cable into the other room at the moment.
Cameron.
More information about the plug
mailing list