Wednesday, January 7, 2015

The lack of security in the internet by security engineers

Here's a post rant of just the crap  that makes the internet so bad and suspect. Here's a snmpget on a edge facing firewall. The engineers and firewalls are from  huawei btw.


The above is installed in a production celluar data provider network. Just, $sad$ in so many ways.



Even the numerous huawei  security notices tells you  to watch out & restrict snmp access.

http://support.huawei.com/support/pages/news/NewsInfoAction.do?actionFlag=view&doc_id=IN0000054930&colID=ROOTENWEB|CO0000000170


Looking at the above security anonoucement , I can conclude that this firewall is;

1: probably at risk
2: not running the latest code  from huawei
3: should never have  ReadWrite Access via a community string of "private"  ( yes  RW was set for private, RO = public no restrictions )
4: much less open to the untrusted internet on a public interface
5: uses  some very weak logins 









So without trying this is what I gathered from a snmpwalk using the RW community of "private".


reference for mibs

http://www.oidview.com/mibs/2011/HUAWEI-AAA-MIB.html


Ken Felix
NSE ( Network Security Expert) and Route/Switching Engineer.
kfelix  -----a----t---- socpuppets ---dot---com

    ^     ^
=(  *  * )=
        o 
       /  \


No comments:

Post a Comment