nanog mailing list archives

Re: SNMP probers

From: "Scott M. Ballew" <smb () pern cc purdue edu>
Date: Wed, 09 Apr 1997 11:16:09 -0500

On Wed, 9 Apr 1997, Randy Bush wrote:

So every day some poor NOC person has to search these folk down with the
great tools we have, send email, get told they're nazi idiots, ...

So what do folk do about this?


Or someone could do a Tony Bates impression and collect the naughty SNMP
prober data from various providers and post a weekly hall of shame report
to this list. If there are a significant number of non-providers then this
list could also be posted on a USENET snmp group and on a web page.


Data from our site would include a certain bi-coastal router vendor
(who is not Cisco) that likes to use one of our class B networks for
"internal testing purposes", and occassionally leaks their SNMP
testing out to the Internet.

Our solution was to block SNMP access from non-local sites, regardless
of community string.  It doesn't prevent the routers from logging the
access violation, but it does prevent the remote prober from getting
any useful information.

Scott M. Ballew
Purdue Data Network
Purdue University
- - - - - - - - - - - - - - - - -

Current thread:

SNMP probers Randy Bush (Apr 09)
- Re: SNMP probers Todd Graham Lewis (Apr 09)
  - Re: SNMP probers Randy Bush (Apr 09)
- Re: SNMP probers Lyndon Levesley (Apr 09)
- Re: SNMP probers Michael Dillon (Apr 09)
  - Re: SNMP probers Scott M. Ballew (Apr 09)
- <Possible follow-ups>
- RE: SNMP probers Chris A. Icide (Apr 09)
- RE: SNMP probers Dave O'Shea (Apr 09)
  - RE: SNMP probers Randy Bush (Apr 09)
- Re: SNMP probers Bill McCauley (Apr 09)
  - Re: SNMP probers Daniel McRobb (Apr 09)
- Re: SNMP probers Mat Miller (Apr 12)
  - Re: SNMP probers Lyndon Levesley (Apr 12)
    - Re: SNMP probers Neil J. McRae (Apr 12)
    - Re: SNMP probers Deepak Jain (Apr 12)
    - Re: SNMP probers Peter (Apr 12)