HPE Community
Server Management - Systems Insight Manager
1836413 Members
2771 Online
110100 Solutions
New Discussion

SIM using portscans or community name guessing ?

 
Mikael Rönnbäck
Super Advisor

‎10-03-2004 11:20 PM

‎10-03-2004 11:20 PM

SIM using portscans or community name guessing ?

Our security department asked me if I could verify that the SIM server is responsible for this or if there's something else to be looked into. They have received alerts in the IDS system that the SIM server is performing portscans and "SNMP community name guessing" towards a number of target servers.

Does anyone know if this is the method SIM 4.1 operates ? We did not get these alerts when we used the old CIM 7 installation.
0 Kudos
Reply
2 REPLIES 2
Joel Rubenstein
Honored Contributor

‎10-04-2004 01:16 AM

‎10-04-2004 01:16 AM

Re: SIM using portscans or community name guessing ?

During the device identification task SIM will attempt to use each SNMP community string name defined in the global protocol settings. Once it has determined the actual community string name used by the device it stores this information in the nodesecurity.xml file and should no longer need to perform any "SNMP community name guessing".
0 Kudos
Reply
Ivan KOVAC
Respected Contributor

‎10-04-2004 01:24 AM

‎10-04-2004 01:24 AM

Re: SIM using portscans or community name guessing ?

Hello

I now that under Global Protocol settings is option to enter more then one Read community string. The identification process attempts communication to the system using each of entered communities until a successful response is obtained. Is this "SNMP community name guessing"?

i.

0 Kudos
Reply
The opinions expressed above are the personal opinions of the authors, not of Hewlett Packard Enterprise. By using this site, you accept the Terms of Use and Rules of Participation.