[ale] hackers and thier methods

Pete Hardie pete.hardie at dvsg.sciatl.com
Wed Feb 20 08:31:13 EST 2002


"Michael H. Warfield" wrote:
> 
>         The serious counter arguement to that can be found in the
> problem that is a front burner issue today.  SNMP.  AKA...  Security
> Not My Problem.  Seems that a LOT of embedded devices have SNMP
> support which is vulnerable to a lot of havoc.  You may not be
> able to get a shell but you can certainly kick him in the dirt
> and then where are you?  With an embedded device, you may not
> have much control over shutting that sucker down.  Hint: MOST
> DSL and cable modems have SNMP enabled and you will play hell
> to get rid of it.  Try and get it upgraded, too...  :-/  And,
> yes, that nasty SNMP tool IS capable of kicking cable modems in
> the dirt.

Frankly, any decent hacker can send enough traffic to choke my firewall
with 5 PCs, so I really do not worry about a DoS attack on my firewall
via SNMP.  A Cracker getting into/through the firewall and gaining control
of one of my other machines, that's a concern.

-- 
Pete Hardie                   |   Goalie, DVSG Dart Team
    posting from, but not     |
	speaking for:             |
Scientific Atlanta, Digital Video Services Group


<html>
<body>
<font size="3" face="Times New Roman"><span style="mso-fareast-font-family: Times New Roman; mso-ansi-language: EN-US; mso-fareast-language: EN-US; mso-bidi-language: AR-SA">
- - - - - - - Appended by Scientific-Atlanta, Inc. - - - - - - -
<span style="font-size:10.0pt;font-family:Times New Roman;
mso-fareast-font-family:&quot;Times New Roman&quot;;mso-ansi-language:EN-US;mso-fareast-language:
EN-US;mso-bidi-language:AR-SA"></span><font face="Times New Roman" size="3"><span style="mso-fareast-font-family:Times New Roman; mso-ansi-language: EN-US; mso-fareast-language: EN-US; mso-bidi-language: AR-SA">This e-mail and any attachments may contain information which is confidential, proprietary, privileged or otherwise protected by law. The information is solely intended for the named addressee (or a person responsible for delivering it to the addressee). If you are not the intended recipient of this message, you are not authorized to read, print, retain, copy or disseminate this message or any part of it. If you have received this e-mail in error, please notify the sender immediately by return e-mail and delete it from your computer.</span></font></p>
</body>
</html>

---
This message has been sent through the ALE general discussion list.
See http://www.ale.org/mailing-lists.shtml for more info. Problems should be 
sent to listmaster at ale dot org.






More information about the Ale mailing list