Educause Security Discussion mailing list archives
Re: snmp queries from client machines
From: Justin Azoff <JAzoff () UAMAIL ALBANY EDU>
Date: Tue, 17 Apr 2007 15:33:33 -0400
David Warner wrote:
I have a couple of student machines that seem to be doing a snmp get on the OID for system name(1.3.6.1.2.1.1.5.0) with a community of public. They seem to be specifically querying the routers on the resnet subnet. This generates an alarm on the routers but hasn't affected anything else as far as I know. This seems to occur about every 15 minutes. Are there any know exploits or spyware that might display a pattern like this? David Warner, CCNA Network Specialist
Usually this is caused by (poorly written) software that came with a printer or similar device. They probably have no idea it is probing your routers, but they should be able to figure out which program it is and turn it off. -- -- Justin Azoff -- Network Performance Analyst
Current thread:
- snmp queries from client machines David Warner (Apr 17)
- <Possible follow-ups>
- Re: snmp queries from client machines Justin Azoff (Apr 17)
- Re: snmp queries from client machines H. Morrow Long (Apr 17)