RE: Traffic SNMP

The protos link below should have all the information you need. These are test 
cases for snmp ans.1 vulnerabilities.

What are you trying to accomplish? There may be better tools or sources then 
this if I knew better what your goal is.


Donald.Smith@xxxxxxxxx GCIA 
http://pgp.mit.edu:11371/pks/lookup?op=get&search=0xAF00EDCC
I reserve the right to be wrong but don't exercise it too often.


-----Original Message-----
From: intrusions-bounces@xxxxxxxxxxxxxx 
[mailto:intrusions-bounces@xxxxxxxxxxxxxx] On Behalf Of 
=?iso-8859-1?Q?Danny_Perez_
Sent: Thursday, May 27, 2004 2:03 PM
To: Intrusions List (GCIA Practicals)
Subject: RE: [Intrusions] Traffic SNMP


Hi Donald,
 
I want to ask you where can i find the pdu's that you mention and if you know 
any java engine to generate those packets that i can use?. Thanks.

h, Donald" <Donald.Smith@xxxxxxxxx> wrote:
As far as I know there are no SNMP "dumps" on the protos site. There are pdu's 
which are feed to a java engine to generate packets so you could easily use 
that to generate "BAD" SNMP traffic.


Donald.Smith@xxxxxxxxx GCIA 
http://pgp.mit.edu:11371/pks/lookup?op=get&search=0xAF00EDCC
pgpFingerPrint:9CE4 227B B9B3 601F B500 D076 43F1 0767 AF00 EDCC "The name 
"UNIX" is merely a pun on Multics; in areas where Multics attempted to do many 
things UNIX tried to do one thing well" The design and Implementation of the 
4.3 BSD UNIX OS 

> -----Original Message-----
> From: intrusions-bounces@xxxxxxxxxxxxxx
> [mailto:intrusions-bounces@xxxxxxxxxxxxxx] On Behalf Of Vasily Tomilin
> Sent: Thursday, May 20, 2004 2:51 AM
> To: intrusions@xxxxxxxxxxxxxx
> Subject: Re: [Intrusions] Traffic SNMP
> 
> 
> Hi Danny,
> 
> I suppose you could also check the Protos projects Web-site
> (http://www.ee.oulu.fi/research/ouspg/protos/).
> Although it's not directly related with SNMP traffic analysis 
> the project has the SNMP-test-suite that uses typical SNMP 
> realization bugs for checking if the realization tested is correct.
> 
> In practice it means there's a plenty of dumps that may be
> helpful when analyzing SNMP vulnerabilities.
> 
> --
> Best regards,
> Vasily Tomilin
> ICQ 36278155
> mailto:tomilin@xxxxxxxxxx
> 
> _______________________________________________
> Intrusions mailing list
> Intrusions@xxxxxxxxxxxxxx
> http://www.dshield.org/mailman/listinfo/intrus> ions
> 
_______________________________________________
Intrusions mailing list
Intrusions@xxxxxxxxxxxxxx http://www.dshield.org/mailman/listinfo/intrusions

Danny Perez
                
---------------------------------
Correo Yahoo!: 6MB, más protección contra el spam ¡gratis! 
_______________________________________________
Intrusions mailing list
Intrusions@xxxxxxxxxxxxxx http://www.dshield.org/mailman/listinfo/intrusions
_______________________________________________
Intrusions mailing list
Intrusions@xxxxxxxxxxxxxx
http://www.dshield.org/mailman/listinfo/intrusions