AtApi
May 5 2004, 09:49 AM
Hi to all!
Just a question, is possible for an attacker to gain remotely info about a switch? like brand,model etc..
charon255
May 5 2004, 07:00 PM
If the switch (or any device for that matter) is running SNMP with weak or default community strings, and SNMP is allowed through the firewall the switch is behind, then yes it is quite easy to get all of that info and more.
In addition, NMAP can do some profiling of network devices without using SNMP.
l0wkey
May 5 2004, 08:35 PM
Nmaps fingerprint can tell if its cisco or not, but if your lookin for model number or ios versions your gonna need to do like he said and get access via SNMP. Sometime admins are dumb with the telnet banners and leave some juicy information there like hostnames, which often have modelnumbers in them.
AtApi
May 6 2004, 09:22 AM
Thanx for info guys!!
Pretty nice
easternerd
Aug 23 2004, 09:53 AM
| QUOTE (l0wkey @ May 5 2004, 08:35 PM) |
| Nmaps fingerprint can tell if its cisco or not, but if your lookin for model number or ios versions your gonna need to do like he said and get access via SNMP. Sometime admins are dumb with the telnet banners and leave some juicy information there like hostnames, which often have modelnumbers in them. |
Only if they've got an Ip Configured. Most of those fingerprints are based on HTTP and telnet port ,(configured using console otherwise) , So if the ip is not configured than nothing can be done.
This is a "lo-fi" version of our main content. To view the full version with more information, formatting and images, please
click here.
