Security Basics mailing list archives

SNMP attempts every 10 minutes


From: k7.fantr () gmail com
Date: 11 Jan 2008 20:33:27 -0000

There is a machine on our network that is trying and failing to authenticate with the SNMP trap on our core switch
every 10 minutes. I cannot seem to isolate what is making the requests. Based on scans that I have run, there is no
known malware (nothing detected anyway). No services running appear to stop the requests after being turned off,
and after installing a host-based firewall and reviewing the logs, as well as running Wireshark and reviewing a 2-hour
capture, I cannot seem to pinpoint anything making requests to that switch at all. It is the only machine on the
network of about 900 that is doing this.

I want the machine removed so that I can investigate further, but I am getting resistance from the IT Manager and 
support (no time.. not necessary..). Has anybody seen this before? Am I wrong to want this removed?

Thanks in advance.

