• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 516
  • Last Modified:

too many Authentication failure for SNMP

Hi all,

to security experts, I am suffering from an IP causing to me a "Authentication failure for SNMP" on my device..as I can see from the logs.

I need to know the right steps or procedures from the security engineers on dealing with such events:

1- how to protect my device
2- how to prevent it to harm me?
3-shall I send an abuse?
0
besmile4ever
Asked:
besmile4ever
1 Solution
 
Miguel Angel Perez MuñozCommented:
On a local LAN may be a device with SNMP configured on another network that sends SNMP traps as is on her native network.
0
 
0xSaPx0Commented:
1- how to protect my device

Locate the source of these authentication failures on the LAN and determine the cause for the failure and either disconnect the device from the LAN or resolve the authentication issue. Likely this is a device setup to send traps with an incorrect community string.

2- how to prevent it to harm me?

No harm will be done other than log polluton from the excessive failure attempts. However, if it is a brute force of some type you will need to locate the device and disable it.

3-shall I send an abuse?

This is a device located on the LAN segment and likely just a misconfiguration so I would do some detective work first before anything else.
0
 
besmile4everAuthor Commented:
thnks
0

Featured Post

Prepare for an Exciting Career in Cybersecurity

Help prevent cyber-threats and provide solutions to safeguard our global digital economy. Earn your MS in Cybersecurity. WGU’s MSCSIA degree program curriculum features two internationally recognized certifications from the EC-Council at no additional time or cost.

Tackle projects and never again get stuck behind a technical roadblock.
Join Now