Simple network management protocol (SNMP) is a protocol for gathering and modyfing information about devices on an IP network.
Questions tagged [snmp]
12 questions
4
votes
1 answer
Nmap snmp-info.nse Security Name
I'm attempting to issue an snmpget request to a device but i'm unable to determine the security name. Running the Nmap snmp-info.nse is successful and no Security Name is required to successfully run the script. Is there any way of retrieving the…
16b7195abb140a3929bbc322d1c6f1
- 3,334
- 4
- 15
- 20
2
votes
1 answer
Examples of SNMP
I grasp a basic theoretical knowledge about SNMP. However, I saw several events from our SIEM showing that a client endpoint generated SNMP events with port 161 and concluding that this host could be a local UDP scanner or something like that.
How…
sanba06c
- 103
- 9
1
vote
0 answers
List of default SNMP MIB tree values / OIDs?
I'm trying to find a resource that lists default SNMP mib values and object identifiers for various vendors / operating systems to use with snmpwalk. I have a list of MIB tree values for Microsoft Windows SNMP but can't find lists for other vendors.…
Michael A
- 177
- 8
1
vote
3 answers
Is running SNMP v2c really insecure and can lead to compromisses?
I currently use SNMP v2c to monitor switches, servers, ect... to graph for performance. Question in terms of SNMP.
Everyone says that running SNMP insecure is a security risk. How is a graphing protocol designed to transmit messages insecure? Is the…
Jason
- 3,086
- 4
- 20
- 24
0
votes
0 answers
SNMPv3 polls with encrypted usernames
When I perform SNMPv3 polls, I still can see the username in plain text in Wireshark. I find that a slight security risk. I mean knowing the username is a little step further ahead compared to not knowing the username nor the password.
I mean in…
AhmedWas
- 101
- 1
0
votes
1 answer
SNMP Enumeration
I'm scanning a machine that has the UDP port 161 open and I'm not able to run snmpwalk against it as I'm returned with the error:
Timeout: No Response from
I tried to run the onesixtyone tool to bruteforce the community string with different…
1afx0
- 1
- 1
- 3
0
votes
2 answers
Nmap with snmp-brute script freezes at 33.33%
I'm currently undergoing a penetration testing course where I discover the basics and I have a task where I need to perform SNMP enumeration on a target.
My working environment is as follows :
Host : Windows 10 (64-bit)
Oracle VM VirutalBox machines…
DisplayNeth
- 123
- 4
0
votes
1 answer
Why is SNMP vulnerable to IP Spoofing?
I read on Wikipedia's Article on SNMP
SNMPv1 and v2 are vulnerable to IP spoofing attacks, whether it runs
over TCP or UDP, and is a subject to bypassing device access lists
that might have been implemented to restrict SNMP access.
I'd like…
PhantomR
- 101
- 1
0
votes
1 answer
SNMP - need help with terminology
In many resources, I see that community strings are also called default passwords. But in the Server Manager, I see "Community name" and it makes more sense.
So why people often use the phrase "default password"? If we enumerate the information by…
Klos
- 31
- 2
0
votes
1 answer
What does "DECed" mean in Network Security?
As in this MIB documentation: http://www.circitor.fr/Mibs/Html/F/FORTINET-FORTIGATE-MIB.php#fgIpsAnomalyDetections
fgIpsAnomalyDetections 1.3.6.1.4.1.12356.101.9.2.1.1.9
Number of intrusions DECed as anomalies since start-up in this virtual domain
Ferdinand.kraft
- 103
- 2
0
votes
1 answer
IPsec down with unusual SNMP traffic
Time to time IPSec tunnel status become down, with unusual SNMP Traffic. when I disable and enable port manually, it become normal.
I am using 200E fortigate firewall.
Have you any idea or previous experience with this issue?
Infra
- 650
- 1
- 6
- 19
0
votes
1 answer
Feeding Azure portal logs into a SIEM solution
Currently working on a cloud transformation project where all infrastructure is being placed into Azure.
We currently use a SIEM solution to monitor and assess events across the environment. The adoption of Azure has added an additional level of…
JLPH
- 107
- 4