Changes

Jump to navigation Jump to search
689 bytes added ,  18:47, 27 June 2014
no edit summary
Line 18: Line 18:       −
===NTP Monitor List Query '''UDP/161[1]'''===
+
===NTP Monitor List Query '''UDP/123[1]'''===
    
The NTP protocol daemon, in versions prior to 4.2.7, supported a feature which reported a list of up to 600 clients which had used the queried NTP server as their time reference.  
 
The NTP protocol daemon, in versions prior to 4.2.7, supported a feature which reported a list of up to 600 clients which had used the queried NTP server as their time reference.  
Line 33: Line 33:  
See [http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5211 CVE-2013-5211] for further details.
 
See [http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5211 CVE-2013-5211] for further details.
    +
===SNMP Queries '''UDP/161'''===
    +
IPscan performs three SNMP queries. SNMP supports a variety of versions and authentication methods and since IPscan cannot know the credentials to use to test your system it defaults to using commonly-used, and therefore '''''insecure''''', community strings.
    +
<TABLE border="1" style="width:300px">
 +
<TR><TH>Port/Case</TH><TH>SNMP version</TH><TH>Test performed, credentials used</TH></TR>
 +
<TR><TD>UDP/161</TD><TD>v1</TD><TD>GET with 'public' community string</TD></TR>
 +
<TR><TD>UDP/161[1]</TD><TD>v2c</TD><TD>GET with 'private' community string</TD></TR>
 +
<TR><TD>UDP/161[2]</TD><TD>v3</TD><TD>EngineID Discovery, credentials not required</TD></TR>
 +
</TABLE>
     

Navigation menu