[plug] Messaging using SNMP
Brad Campbell
brad at fnarfbargle.com
Mon Dec 8 13:41:31 UTC 2014
On 08/12/14 20:53, Andrew Cooks wrote:
> Hi Kevin
>
> Having recently implemented an SNMP agent, I strongly encourage you to
> try other options first.
>
> Almost everything uses port 80 these days, so is that not an option?
>
> If you need to subvert IT, socat on UDP port 53 is sometimes an
> interesting option.

I've recently been doing some contracting for some companies that have
somewhat totalitarian IT departments. No matter the firewall or the
packet analysers used, all have happily let through any traffic on port
22. It's quite astounding what you can tunnel over ssh if you have to,
or simply use port 22/tcp for transport and not raise an eyebrow.

I've found recently that DNS proxies tend to b0rk most non-DNS traffic
on 53. But hey, in some cases it's a matter of running through all the
tools in your toolbox in order of complexity in order to circumvent the
restrictions.

Having said that, I agree with all the others. SNMP is a world of hurt
to implement and if implemented properly on a network is locked down
tighter than the proverbial as it is a sitting duck.

I once put RS485 over a pair of brine-soaked string.. It's not exactly
120 ohm, but it worked. Where there is a will.. (or a bottle of single
malt on the line)..