Transcript for this video
SilverCreek is an SNMP vulnerability test suite intended to help network administrators and developers verify the robustness of network devices in the face of SNMP packet decoding vulnerabilities.
These vulnerabilities were the subject of the CERT advisory number CA20203.
The main SilverCreek window consists of four sections.
The menus through which you will access most of SilverCreek’s functions are here at the top.
The Test Suite section is here on the left.
On the right, you can view the tests contained in each test suite, and the details and results of those tests.
At the bottom is the status bar. Here you can see test result totals as well as other information regarding the status of SilverCreek.
The tests are organized by suite.
Currently listed are the tests in Suite 1, SNMP version 1 vulnerability tests.
To begin testing a network device for vulnerabilities, you need to enter the agent’s information into the agent configuration dialog.
This will give SilverCreek the information it needs in order to connect with the agent.
To do this, click the new agent icon in your toolbar.
Enter the IP address of the device that you would like to test.
Next, select the SNMP version you’d like to use.
In this example, we are using version 3.
Click “okay,” and SilverCreek will make the connection.
Beneath the toolbar, SilverCreek displays the system description of the device to which it is connected.
Once you have set up your agent, you can save your configuration.
This can save you from having to re-enter this information next time you test this agent.
To do this, click on the “save agent setup” icon and choose an appropriate name for the agent.
To begin vulnerability testing on the selected device, you will first need to switch to the suite that corresponds to the agent’s version of SNMP.
In this example, we’re using the SNMP agent version 3 vulnerability tests.
To run the tests, open the tests menu, then go to run, and select one of the following options.
“Next” will run the next test in the suite that has yet to be run.
In this case, since no tests have yet been run, it will run the first test.
“Selected” will run whichever test or tests you have currently selected.
“All” will run all tests in the currently selected suite.
Want to Know More?
|Find more videos||How to buy||Contact an Expert|