@Much ado about nothing
"Go on, show me a SNMP enabled device that coughs out usernames and passwords on demand."
DLINK DSL 604+ router, for a start. Read access to SNMP is sufficient to escalate privs and pwn the router.
Why is this ? I hear you ask in astonishment. Well because if external SNMP is enabled, so is external telnet. In fact, most DSL 604 owners wouldn't even know that they were switched on, since the option that you would tick (and which is ticked by default, IIRC) is "Enable Remote Administration" which makes the admin web page available remotely. Oh, and disabling remote admi doesn't stop SNMP or telnet from running inside the network either. In order to do that, you have to TFTP the config files off the router, edit a couple, and then TFTP them back. And as for TFTP, well, tha'ts also a lot of fun :-)
And the SNMP read community name is the same as the telnet access password. And you can't stop this from being true.
Oh, and for some more fun, if you get the SNMP read community name (which is defaulted to public) you can read the SNMP write community name (althogh since this defaults to private...) out of DLINK's enterprise MIB using snmpwalk or similar, as well as WEP keys, ISP login details, etc, etc. *
So there you go, there's one. Some older 3Com enterprise kit did similar stuff, although I can't remember which ones off the top of my head.
Often lots of juicy inph0s in the enterprise MIBs if you look, and there's lots of old forgotten kit out there running SNMP.
Now off you pop and run nmap and snmpwalk on all your network attached kit. You'd be suprised what sort of stuff is running SNMP agents without you knowing it. Got a network printer ? Running SNMP. Switches ? Probably running SNMP unless you disabled it. PABX got an ethernet card so you can run remote admin on it ? Running SNMP.
Also, bear in mind that SNMP (at least <= v2, I've never had any kit that actually bothered to use v3) won't log failed auth attempts, either.
Go, have fun, enjoy. And then come back and tell us whether you still think it's scaremongering,
*Now then, what was that someone said about 'Hackers' not doing their own research the other day ? :)
Skully, because, well, yarr!