Slashdot Mirror

← Back to Stories (view on slashdot.org)

Security Hole In SNMP

Posted by timothy on Tuesday February 12, 2002 @08:03AM from the so-never-mail-passwords dept.

wiredog writes: "From ZDNET comes the news that there is apparently a serious security flaw in the Simple Network Management Protocol, used to control routers and other network devices." An anonymous reader points to the CERT advisory as well.

1 of 267 comments (clear)

Min score:

Reason:

Sort:

We're getting hit hard by Phibz · 2002-02-12 09:26 · Score: 1, Offtopic

I don't know how many of you are seeing this but in the last 5 days we've had several main machines hit including our main nfs home directory server. All Solaris 8 machines. :-(

We've noticed that all are from a group called "NSDAP" something like the Nazi propaganda arm of the Third Reich.

The files we've found left behind (hacker droppings) are /usr/lib/vold/nsdap which contains bunches about the group. /usr/bin/ls and all the other likely canidates, ps, find, su, ssh, sh, etc. are replaced. They ran a shell on port 77.
All logs and sniffer dumps etc. were emailed to angelz1578@usa.net

Rather juvenile in my opinion. Oh well its always something.

Trey