(22-01-2014, 05:50 PM)jedilord9 Wrote: The fact of the matter is, there is no private unseen community string. The config file tftp'd to the modem from the cmts bootstraps the modem, so it contains all the information needed for the modem to run, including respond to snmp requests. ABM is trolling everyone with misdirection for shits and giggles.yes you are right
Think about it, if there was some magical private community string (which isn't even defined in IOS) that was sent during a FW update or some other magical time, wouldn't that same technique be used to set every other property such as speeds, filters, etc.
Community strings are defined in the config, plain and simple. There may be x509 certs used in place of community strings for snmp query, but that isn't a string.
If you cant scan and you exhausted all options, your cmts implements ACL, which prevents any CM with a certain MAC or within an IP range to do snmp and the likes.
Quit bullshitting people ABM.
the only cable modem config passwords can drive it over snmp + also there is another password unique for motorola sb5101 and for other modems too which can be read via mibwalk and is already posted on that site
so if modems doesnt repply to its config passwords - then it should repply to its unique private password comming from mibs
but on my isp i cannot ping any devices from internall ip there is some kind of firewall
@abmjr thinking that every isp uses same things like american comcast but its not true
my isp have permamently disabled ping from locall ip - it use snmp only for modem diagnostics directly from cmts
and register modems only using VPN propably thats why that ping is disabled and all ports from inside
i wrote here many times that this is bullshit about that ^magic non existed private snmp password from isp^ but nobody hear me
sure there are more snmp passwords on your network but for other things like read diagnostic status of cmts etc etc..
in my network:
-cable modem snmp replay only to following ip - ^cmts ip^ + ^broadband access center ip^ + ^tftp ip^
the rest of ip havent any privileges to pimp any cable modem using snmp cant even ping them
even if i clean config with those ip adress restrictions or modiffy and puts on it my ip - i cant
so the modems are beetwen firewall acl list
i was trying many crazy ways for over few months to get snmp access and i cant