Ethical Hacking

Learn to find vulnerabilities before the bad guys do! Gain real world hands on hacking experience in our state of the art hacking lab. Course designed and taught by expert instructors with years of penetration testing experience. 12 student maximum in every class. Certification attempt included in every package.
Computer Forensics Training at InfoSec Institute

Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse at your organization so that it never happens again. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors.




Network Security Incidents
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

RE: SNMP worm?

from [Frank Knobbe] Network Security [Permanent Link]
Subject: RE: SNMP worm?
Date: Thu, 27 Oct 2005 03:07:01 -0500 
On Wed, 2005-10-26 at 21:52 -0400, Robert MacDonald wrote:

None here (yet). Possible a contractor or vendor showing off network
solution-wares? Does it appear to be polling sequentially or
randomly? Is it looking through particular subnets? Is it possibly a
new printer(s) that have been plugged in or gone wild?


Another possibility is a misconfigured network management station. I
remember one incident in the past where a certain subnet got routinely
scanned from one particular box, which was named like
"netmon.noc.company.com". We notified the contact of that domain and
kept an eye on it. Eventually the flood stopped, so perhaps someone
noticed that a netmask was entered wrong :)

What was that saying about not attributing malice to something that can
be explained with stupidity? :)

Cheers,
Frank

Attachment: signature.asc
Description: This is a digitally signed message part

[More with this subject...]




<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  RE: SNMP worm?, David Gutierrez
Next by Date:  Re: RE: SNMP worm?, hein
Previous by Thread:  RE: SNMP worm?, Robert MacDonald
Next by Thread:  RE: SNMP worm?, David Gillett
Indexes:  [Date] [Thread] [Top] [All Lists]