Security Incidents mailing list archives

Re: RE: SNMP worm?


From: hein () blubber com
Date: 27 Oct 2005 13:15:21 -0000

Are you lot sure that this SNMP traffic really originates from your networks? SNMP can easily be spoofed. So far we 
noticed nothing in our logs and the only scans come from myself. I would rather guess that a script kiddie is on the 
loose again and tries to play with SNMP. Well, it can be rather fun to scan for SNMP. The amount of open devices one can 
find is scary, not to talk about community names like public, private and ILMI. I would have a look at the community 
strings used to see if it's a scan or if somebody tries a dictionary attack. The best option is however to implement 
access lists accordingly and use very strong Community names.
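
An added example, not part of the original post: one way to do the triage suggested above, pulling the community string out of captured SNMPv1/v2c UDP payloads and grouping by source. The function names, the threshold of 3, the documentation-range addresses and the sample packets are assumptions constructed for illustration.

```python
from collections import defaultdict

def _tlv(buf, pos):
    """Read one BER tag-length-value; return (tag, value, next_pos)."""
    tag, length = buf[pos], buf[pos + 1]
    pos += 2
    if length & 0x80:  # long-form length: low 7 bits = number of length bytes
        n = length & 0x7F
        length = int.from_bytes(buf[pos:pos + n], "big")
        pos += n
    if pos + length > len(buf):
        raise ValueError("truncated")
    return tag, buf[pos:pos + length], pos + length

def community(payload):
    """Community string of an SNMPv1/v2c message, or None if unparseable."""
    try:
        tag, body, _ = _tlv(payload, 0)          # outer SEQUENCE
        if tag != 0x30:
            return None
        tag, ver, pos = _tlv(body, 0)            # INTEGER version (0=v1, 1=v2c)
        if tag != 0x02 or int.from_bytes(ver, "big") > 1:
            return None
        tag, comm, _ = _tlv(body, pos)           # OCTET STRING community
        return comm.decode("latin-1") if tag == 0x04 else None
    except (IndexError, ValueError):
        return None

def classify(events, threshold=3):
    """events: (src, dst, udp_payload). src is as observed; UDP can be spoofed."""
    per_pair, targets = defaultdict(set), defaultdict(set)
    for src, dst, payload in events:
        c = community(payload)
        if c is not None:
            per_pair[(src, dst)].add(c)
            targets[src].add(dst)
    verdict = {}
    for src, dsts in targets.items():
        tried = max(len(per_pair[(src, d)]) for d in dsts)  # strings per device
        verdict[src] = ("dictionary" if tried >= threshold
                        else "scan" if len(dsts) >= threshold else "low-volume")
    return verdict

PDU = bytes.fromhex("a00b0201010201000201003000")  # constructed empty GetRequest
def sample(comm):  # constructed SNMPv1 message carrying the given community
    body = b"\x02\x01\x00" + bytes([4, len(comm)]) + comm.encode() + PDU
    return bytes([0x30, len(body)]) + body
EVENTS = ([("198.51.100.7", f"192.0.2.{i}", sample("public")) for i in (1, 2, 3)]
          + [("198.51.100.9", "192.0.2.1", sample(c)) for c in ("public", "private", "ILMI")])
```

A source that sends the same one or two strings to many devices reads as a scan; a source that cycles through many strings against one device reads as a dictionary attempt.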

