SNMP probers

• Previous message (by thread): SNMP probers
• Next message (by thread): SNMP probers
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

I'd ignore it. Having leaked a few (less than a million, I'm sure) SNMP 'gets' because I fat-fingered a subnet mask, or let a traceroute-based discovery routine go awry, or was just plain curious... 

-----Original Message-----
From:	Randy Bush [SMTP:randy at psg.com]
Sent:	Wednesday, April 09, 1997 9:28 AM
To:	nanog at merit.edu
Subject:	SNMP probers

What do folk do about persistent SNMP probers?  I.e. j random clueless sites
which keep querying one's backbone router(s).  E.g. this morning I get the
NOC shift change report with the folk hammering on our routers as if we were
stupid enough to use 'public' as the community string.

> mae-east	Bad community string from 194.168.51.4
> mae-east	Bad community string from 193.38.113.216
> mae-west	Bad community string from 202.85.254.5
> mae-west	Bad community string from 206.79.240.190
> mae-west	Bad community string from 193.38.113.216
> pdx		Bad community string from 204.119.24.200
> pen		Bad community string from 164.117.144.245
> pen		Bad community string from 193.38.113.216
> paix		Bad community string from 204.79.240.190

So every day some poor NOC person has to search these folk down with the
great tools we have, send email, get told they're nazi idiots, ...

So what do folk do about this?

randy

• Previous message (by thread): SNMP probers
• Next message (by thread): SNMP probers
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]