I used this brute-force technique with a simple script a few years ago;
you'd need to verify the MIB is still correct (probably is). It basically
simulates a "config net" command to bring statements in via tftp. You
could easily put this in a loop, issuing once for each router.
Put the reconfiguration statements in <filename> in your tftpboot (or other
tftp default) directory on server a.b.c.d

For each <router>:

/usr/OV/bin/snmpset <router> .1.3.6.1.4.1.9.2.1.53.a.b.c.d octetstring <filename>

Jeff Sanden
Senior Consulting I/T Architect; CCIE #5218
IBM Global Services, Networking Consulting and Services
717-796-3234 (T/L 437)
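
The per-router loop described in the message above, as an added example that is not part of the original post. It uses only the snmpset form shown there; the function names, the APPLY switch and the router-list file format (one router per line, "#" comments allowed) are assumptions made for illustration.

```shell
#!/bin/sh
# Added example (not from the original post). Dry-run by default: prints the
# snmpset commands it would issue; set APPLY=1 to actually run them.
SNMPSET=${SNMPSET:-/usr/OV/bin/snmpset}   # path as given in the post
BASE_OID=.1.3.6.1.4.1.9.2.1.53            # OID from the post; verify against the current MIB

# Succeeds only for a dotted quad a.b.c.d with every octet in 0..255.
# A bad server address would otherwise yield a malformed OID instance.
valid_ipv4() {
    case $1 in
        *[!0-9.]*|*..*|.*|*.) return 1 ;;
    esac
    old_ifs=$IFS; IFS=.
    set -- $1
    IFS=$old_ifs
    [ $# -eq 4 ] || return 1
    for octet in "$@"; do
        [ ${#octet} -le 3 ] && [ "$octet" -le 255 ] || return 1
    done
}

# push_config <router-list> <tftp-server> <filename>
# Returns 2 on bad arguments, 1 if any set failed, 0 otherwise.
push_config() {
    list=$1 server=$2 file=$3
    valid_ipv4 "$server" || { echo "bad TFTP server address: $server" >&2; return 2; }
    [ -n "$file" ] && [ -r "$list" ] || { echo "need a readable list and a filename" >&2; return 2; }
    failed=0
    while read -r router rest; do
        case $router in ''|'#'*) continue ;; esac    # skip blank and comment lines
        if [ "${APPLY:-0}" = 1 ]; then
            # </dev/null keeps snmpset from consuming the rest of the list
            "$SNMPSET" "$router" "$BASE_OID.$server" octetstring "$file" </dev/null ||
                { echo "FAILED: $router" >&2; failed=$((failed + 1)); }
        else
            echo "$SNMPSET $router $BASE_OID.$server octetstring $file"
        fi
    done < "$list"
    [ "$failed" -eq 0 ]
}

# Run only when called with all three arguments.
if [ $# -eq 3 ]; then
    push_config "$@"
fi
```

Review the dry-run output before setting APPLY=1; routers reported as FAILED on stderr can be collected into a new list and retried.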
---------------------- Forwarded by JEFFREY SANDEN/Mechanicsburg/IBM on
02/16/2002 11:30 AM ---------------------------
Leslie Clark/Southfield/IBM@IBMUS on 02/16/2002 10:22:59 AM
To: nv-l@lists.tivoli.com
cc:
Subject: Re: [nv-l] CERT security advisory on multiple SNMP
implementations
We had our round a couple of months ago, remember?
Now for the Cisco situation. What are people using for massively telneting
to devices and issuing commands? In my current situation I am looking at
implementing ACLs for a few thousand devices. I know there are commercial
products out there for running scripts on devices. Any recommendations?
Cordially,
Leslie A. Clark
IBM Global Services - Systems Mgmt & Networking
Detroit
netview@toddh.net (Todd H.) on 02/12/02 04:53 PM
To: nv-l@lists.tivoli.com
cc:
Subject: [nv-l] CERT security advisory on multiple SNMP implementations
Oy...there goes the neighborhood. NetView is clean, but a bunch of
devices in the average network are likely to be vulnerable:
http://www.cert.org/advisories/CA-2002-03.html
I'm curious if anyone knows how NetView got branded as not vulnerable
to trap format string attacks without the dependency on the security
e-Fix from 6.02 that came out in response to:
http://www.cert.org/advisories/CA-2001-24.html
Perhaps because that vulnerability only existed if you launched
external scripts in event processing forked by ovactiond?
--
Todd H.
http://www.toddh.net/
---------------------------------------------------------------------
To unsubscribe, e-mail: nv-l-unsubscribe@lists.tivoli.com
For additional commands, e-mail: nv-l-help@lists.tivoli.com
*NOTE*
This is not an Official Tivoli Support forum. If you need immediate
assistance from Tivoli please call the IBM Tivoli Software Group
help line at 1-800-TIVOLI8(848-6548)
---------------------------------------------------------------------