First off , I'm posting this question here because it appears the SNMP mailing
list is now defunct. If this is the wrong list to post this please let me know
and I'll repost it in the correct one.
First I'm running squid with snmp enabled on Centos 4.7. the version of squid
is the most recent offered for 4.7: squid-2.5.STABLE14-4.el4. this is my
entire snmp configuration (with names and variables changed to protect the
innocent ;-))
acl chapmansnmp snmp_community publ!c
snmp_port 3401
snmp_access deny chapmansnmp !chapman1
We are using Rapid7's NeXpose software for vulnerability testing. What was
discovered is that an snmpwalk done with anything used as the snmp community
string and squid responds back. I've also seen the same results from a Nessus
scan (I believe Rapid7 software is based on Nessus but thought I'd try it
anyway. I've also seen similar results posted on the Internet). I've tried
modifying my community string to see if the special characters are causing the
issue but that didn't fix it. Here is an example of an snmpwalk done on one of
our proxy servers:
(Note that the community string given is public. That was not a valid
community string on the box. I tried all kinds of things and everything worked.
C:\Documents and Settings\mferguson>snmpwalk -c public -v 2c 10.160.57.34:3401
.1.3
SNMPv2-SMI::enterprises.3495.1.1.1.0 = INTEGER: 100
SNMPv2-SMI::enterprises.3495.1.1.2.0 = INTEGER: 4856
SNMPv2-SMI::enterprises.3495.1.1.3.0 = Timeticks: (1750887) 4:51:48.87
SNMPv2-SMI::enterprises.3495.1.2.1.0 = STRING: "root"
SNMPv2-SMI::enterprises.3495.1.2.2.0 = STRING: "squid"
SNMPv2-SMI::enterprises.3495.1.2.3.0 = STRING: "2.5.STABLE14"
SNMPv2-SMI::enterprises.3495.1.2.4.0 = STRING: "ALL,1"
SNMPv2-SMI::enterprises.3495.1.2.5.1.0 = INTEGER: 8
SNMPv2-SMI::enterprises.3495.1.2.5.2.0 = INTEGER: 100
SNMPv2-SMI::enterprises.3495.1.2.5.3.0 = INTEGER: 95
SNMPv2-SMI::enterprises.3495.1.2.5.4.0 = INTEGER: 90
SNMPv2-SMI::enterprises.3495.1.3.1.1.0 = Counter32: 0
SNMPv2-SMI::enterprises.3495.1.3.1.2.0 = Counter32: 0
SNMPv2-SMI::enterprises.3495.1.3.1.3.0 = INTEGER: 136
SNMPv2-SMI::enterprises.3495.1.3.1.4.0 = INTEGER: 0
SNMPv2-SMI::enterprises.3495.1.3.1.5.0 = INTEGER: 0
SNMPv2-SMI::enterprises.3495.1.3.1.6.0 = INTEGER: 0
SNMPv2-SMI::enterprises.3495.1.3.1.7.0 = Gauge32: 43
SNMPv2-SMI::enterprises.3495.1.3.1.8.0 = Timeticks: (0) 0:00:00.00
SNMPv2-SMI::enterprises.3495.1.3.1.9.0 = Counter32: 0
SNMPv2-SMI::enterprises.3495.1.3.1.10.0 = Gauge32: 1015
SNMPv2-SMI::enterprises.3495.1.3.1.11.0 = Gauge32: 100
SNMPv2-SMI::enterprises.3495.1.3.2.1.1.0 = Counter32: 0
SNMPv2-SMI::enterprises.3495.1.3.2.1.2.0 = Counter32: 0
SNMPv2-SMI::enterprises.3495.1.3.2.1.3.0 = Counter32: 0
SNMPv2-SMI::enterprises.3495.1.3.2.1.4.0 = Counter32: 0
SNMPv2-SMI::enterprises.3495.1.3.2.1.5.0 = Counter32: 0
SNMPv2-SMI::enterprises.3495.1.3.2.1.6.0 = Counter32: 0
SNMPv2-SMI::enterprises.3495.1.3.2.1.7.0 = Counter32: 0
SNMPv2-SMI::enterprises.3495.1.3.2.1.8.0 = Counter32: 0
SNMPv2-SMI::enterprises.3495.1.3.2.1.9.0 = Counter32: 0
SNMPv2-SMI::enterprises.3495.1.3.2.1.10.0 = INTEGER: 0
SNMPv2-SMI::enterprises.3495.1.3.2.1.11.0 = INTEGER: 0
SNMPv2-SMI::enterprises.3495.1.3.2.1.12.0 = Counter32: 0
SNMPv2-SMI::enterprises.3495.1.3.2.1.13.0 = Counter32: 0
SNMPv2-SMI::enterprises.3495.1.3.2.1.14.0 = Gauge32: 4856
SNMPv2-SMI::enterprises.3495.1.3.2.1.15.0 = Gauge32: 0
SNMPv2-SMI::enterprises.3495.1.3.2.2.1.1.1 = INTEGER: 1
SNMPv2-SMI::enterprises.3495.1.3.2.2.1.1.5 = INTEGER: 5
SNMPv2-SMI::enterprises.3495.1.3.2.2.1.1.60 = INTEGER: 60
SNMPv2-SMI::enterprises.3495.1.3.2.2.1.2.1 = INTEGER: 0
SNMPv2-SMI::enterprises.3495.1.3.2.2.1.2.5 = INTEGER: 0
SNMPv2-SMI::enterprises.3495.1.3.2.2.1.2.60 = INTEGER: 0
SNMPv2-SMI::enterprises.3495.1.3.2.2.1.3.1 = INTEGER: 0
SNMPv2-SMI::enterprises.3495.1.3.2.2.1.3.5 = INTEGER: 0
SNMPv2-SMI::enterprises.3495.1.3.2.2.1.3.60 = INTEGER: 0
SNMPv2-SMI::enterprises.3495.1.3.2.2.1.4.1 = INTEGER: 0
SNMPv2-SMI::enterprises.3495.1.3.2.2.1.4.5 = INTEGER: 0
SNMPv2-SMI::enterprises.3495.1.3.2.2.1.4.60 = INTEGER: 0
SNMPv2-SMI::enterprises.3495.1.3.2.2.1.5.1 = INTEGER: 0
SNMPv2-SMI::enterprises.3495.1.3.2.2.1.5.5 = INTEGER: 0
SNMPv2-SMI::enterprises.3495.1.3.2.2.1.5.60 = INTEGER: 0
SNMPv2-SMI::enterprises.3495.1.3.2.2.1.6.1 = INTEGER: 0
SNMPv2-SMI::enterprises.3495.1.3.2.2.1.6.5 = INTEGER: 0
SNMPv2-SMI::enterprises.3495.1.3.2.2.1.6.60 = INTEGER: 0
SNMPv2-SMI::enterprises.3495.1.3.2.2.1.7.1 = INTEGER: 0
SNMPv2-SMI::enterprises.3495.1.3.2.2.1.7.5 = INTEGER: 0
SNMPv2-SMI::enterprises.3495.1.3.2.2.1.7.60 = INTEGER: 0
SNMPv2-SMI::enterprises.3495.1.3.2.2.1.8.1 = INTEGER: 0
SNMPv2-SMI::enterprises.3495.1.3.2.2.1.8.5 = INTEGER: 0
SNMPv2-SMI::enterprises.3495.1.3.2.2.1.8.60 = INTEGER: 0
SNMPv2-SMI::enterprises.3495.1.3.2.2.1.9.1 = INTEGER: 0
SNMPv2-SMI::enterprises.3495.1.3.2.2.1.9.5 = INTEGER: 0
SNMPv2-SMI::enterprises.3495.1.3.2.2.1.9.60 = INTEGER: 0
SNMPv2-SMI::enterprises.3495.1.3.2.2.1.10.1 = INTEGER: 0
SNMPv2-SMI::enterprises.3495.1.3.2.2.1.10.5 = INTEGER: 0
SNMPv2-SMI::enterprises.3495.1.3.2.2.1.10.60 = INTEGER: 0
SNMPv2-SMI::enterprises.3495.1.4.1.1.0 = Gauge32: 21
SNMPv2-SMI::enterprises.3495.1.4.1.2.0 = Counter32: 0
SNMPv2-SMI::enterprises.3495.1.4.1.3.0 = Counter32: 0
SNMPv2-SMI::enterprises.3495.1.4.1.4.0 = Gauge32: 0
SNMPv2-SMI::enterprises.3495.1.4.1.5.0 = Counter32: 0
SNMPv2-SMI::enterprises.3495.1.4.1.6.0 = Counter32: 0
SNMPv2-SMI::enterprises.3495.1.4.1.7.0 = Counter32: 0
SNMPv2-SMI::enterprises.3495.1.4.1.8.0 = Counter32: 0
SNMPv2-SMI::enterprises.3495.1.4.2.1.0 = Gauge32: 8
SNMPv2-SMI::enterprises.3495.1.4.2.2.0 = Counter32: 0
SNMPv2-SMI::enterprises.3495.1.4.2.3.0 = Counter32: 0
SNMPv2-SMI::enterprises.3495.1.4.2.4.0 = Gauge32: 0
SNMPv2-SMI::enterprises.3495.1.4.2.5.0 = Counter32: 0
SNMPv2-SMI::enterprises.3495.1.4.2.6.0 = Counter32: 0
SNMPv2-SMI::enterprises.3495.1.4.2.7.0 = Counter32: 0
SNMPv2-SMI::enterprises.3495.1.4.3.1.0 = Counter32: 0
SNMPv2-SMI::enterprises.3495.1.4.3.2.0 = Counter32: 0
SNMPv2-SMI::enterprises.3495.1.4.3.3.0 = Counter32: 0
End of MIB
Any idea of a work around or a fix? Is this something that has been fixed in a
later version or is it scheduled to be fixed?
Thanks for your time.
____________________________
Matt Ausmus
Network Administrator
Chapman University
635 West Palm Street
Orange, CA 92868
(714)628-2738
[EMAIL PROTECTED]
"Man will occasionally stumble over the truth, but most of the time he will
pick himself up and continue on."
- Churchill's Commentary on Man
