Help Irongeek.com pay for bandwidth and research equipment:
Introduction to Pen Testing Simple Network Management Protocol (SNMP) -
ISSA Kentuckiana workshop 9 - Jeremy Druin (Hacking Illustrated Series InfoSec
Tutorial Videos)
Introduction to Pen Testing Simple Network
Management Protocol (SNMP) - ISSA
Kentuckiana workshop 9 - Jeremy Druin
This is part of the 9th in a line of classes Jeremy Druin will
be giving on pen-testing and web app security featuring
Mutillidae (or other tools) for the Kentuckiana
ISSA. This one covers SNMP.
The Simple Network Management Protocol (SNMP) is used on networked devices to
read, write, and update device configuration remotely. Windows desktop systems
typically do not run SNMP services by default but these can be enabled for
testing. Server operating systems often run SNMP services by default as do
network devices such as routers, printers, special purpose equipment, switches,
and firewalls.
In this video, a Windows XP box has SNMP enabled to act as a test target. A
Backtrack 5 R3 host is used to perform assessment. The video progresses through
host discovery, port identification, service verification, finding community
strings, dumping device configuration, and altering device configuration.