Ref: CERT® Advisory CA-2002-03
Multiple Vulnerabilities in Many Implementations of Simple Network Management Protocol (SNMP)
GDC TEAM SNMP
The GDC TEAM applications use the HP OpenView NNM SNMP protocol stack for their
SNMP network management communication with the SpectraComm Manager (SCM) card.
The SCM contains an SNMP proxy agent.
Recommendations:
1. The SCM does not have a default read/write community name of "private", which makes it less
susceptible to hackers changing device configurations or taking down the management or data network.
The SCM does have a default read-only community name of "public". The customer is advised to change
this.
2. The major GDC network management customers usually use a separate
private LAN for their management traffic to eliminate exposure to illegal entry from outside.
3. Please read the information below, then obtain and install the HP HPOV patches from the listed sites.
HP HPOV NNM (Network Node Manager)
---------------------------------------------------------
Some problems found in the NNM product were related to
trap handling. Patches in process. Watch for the
associated HP Security Bulletin.
----------------------------------------------------------
HP-UX Systems running snmpd or OPENVIEW
----------------------------------------------------------
The following patches are available now:
PHSS_26137 s700_800 10.20 OV EMANATE14.2 Agent Consolidated Patch
PHSS_26138 s700_800 11.X OV EMANATE14.2 Agent Consolidated Patch
PSOV_03087 EMANATE Release 14.2 Solaris 2.X Agent Consolidated Patch
All three patches are available from:
http://support.openview.hp.com/cpe/patches/
In addition, PHSS_26137 and PHSS_26138 will soon be available from:
http://itrc.hp.com
NOTE: The patches are labeled OV (Open View). However, the patches
are also applicable to systems that are not running Open View.
Any HP-UX 10.X or 11.X system running snmpd or snmpdm is vulnerable.
To determine if your HP-UX system has snmpd or snmpdm installed:
swlist -l file | grep snmpd
If a patch is not available for your platform or you cannot install
an available patch, snmpd and snmpdm can be disabled by removing their
entries from /etc/services and removing the execute permissions from
/usr/sbin/snmpd and /usr/sbin/snmpdm.
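One way to confirm that the workaround above is actually in place, as an added example that is not part of the original advisory or of HP's tooling. The function names are hypothetical, and the script assumes the services file uses the usual "name port/proto" layout with the SNMP entries on the standard ports 161 and 162.

```shell
#!/bin/sh
# Added example: audit whether the snmpd/snmpdm workaround has been applied.
# Assumption: services entries look like "name port/proto [aliases] # comment"
# and SNMP entries are named snmp* or use ports 161 (agent) / 162 (traps).
# A commented-out entry is treated the same as a removed one.

# Print the uncommented services entries that still refer to SNMP.
snmp_service_entries() {
    awk '
        { sub(/#.*/, "") }    # strip comments; awk re-splits the fields
        NF >= 2 && ($1 ~ "^snmp" || $2 ~ "^16[12]/") { print $1, $2 }
    ' "$1"
}

# Print each daemon path from the argument list that is still executable.
snmp_executable_daemons() {
    for bin in "$@"; do
        [ -f "$bin" ] && [ -x "$bin" ] && echo "$bin"
    done
    return 0
}

# Return 0 only if no SNMP services entry remains and no daemon is executable.
# Anything that still needs attention is reported on stdout.
snmp_workaround_applied() {
    services=$1
    shift
    entries=$(snmp_service_entries "$services")
    daemons=$(snmp_executable_daemons "$@")
    [ -n "$entries" ] && printf 'services entry still present:\n%s\n' "$entries"
    [ -n "$daemons" ] && printf 'still executable:\n%s\n' "$daemons"
    [ -z "$entries" ] && [ -z "$daemons" ]
}

# Usage on a live system, with the paths named in the advisory:
#   snmp_workaround_applied /etc/services /usr/sbin/snmpd /usr/sbin/snmpdm
```

A daemon that was already running before the change keeps running until it is stopped, so check the process list as well.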