Hi there, Is SNMP vulnerable? For example, during my current job, I frequently note the weak account management We noted weak account management in the following services: * Login to snmp using commonly known default user credentials.* 10.73.211.24 (hostname) (username) For example: We noted weak account management in the following services: * Login to SNMP using commonly known default user credentials.* 10.51.1.70 port 8161 (public) * 10.51.1.75 port 8161 (public) * 10.51.1.93 port 8161 (public) And also I have used tools like snmpwalk to enumerate sensitive information and informed my client about it? What are the others tools prone to snmp vulnerability? I note that Such services are vulnerable to passive network attacks such as sniffing and I frequently recommend using services that encrypts communications channels such as the following: SNMP version 3. What other recommendation are applicable?

Community
- Command Central
- MVP Program
- Monthly Mission
- Blogs
- Groups
- Events
- Media Vault
Products
- Observability
- Network Management
- Application Management
- IT Security
- IT Service Management
- System Management
- Database Management
Content Exchange
- SolarWinds Platform
- Server & Application Monitor
- Database Performance Analyzer
- Server Configuration Monitor
- Network Performance Monitor
- Network Configuration Manager
- SQL Sentry
- Web Help Desk
Free Tools & Trials

SNMP vulnerability

xracerx

Hi there,

Is SNMP vulnerable? For example, during my current job, I frequently note the weak account management

We noted weak account management in the following services:

For example:

We noted weak account management in the following services:

Login to SNMP using commonly known default user credentials.
- 10.51.1.70 port 8161 (public)
- 10.51.1.75 port 8161 (public)
- 10.51.1.93 port 8161 (public)

And also I have used tools like snmpwalk to enumerate sensitive information and informed my client about it? What are the others tools prone to snmp vulnerability?

I note that Such services are vulnerable to passive network attacks such as sniffing and I frequently recommend using services that encrypts communications channels such as the following: SNMP version 3. What other recommendation are applicable?

Find more posts tagged with

Accepted answers

All comments

userunnown

It looks like you are using the default "public" string, and that is why it is coming up on vulnerability reports. You should be changing your default strings if you're using SNMP, or turning them off if you're not using SNMP depending on your organizations tolerance for security.

FormerMember

Only SNMPv3 is encrypted, but if you're on a switched network it would be hard for sniffers to gather the snmp traffic going from devices to the SNMP server as it polls and captures traps. "public" is the default snmp ro string, so anyone with an SNMP app could poll your devices and gather info, so at a minimum you need to change your snmp community strings to a more complex community string/name.