• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 518
  • Last Modified:

too many Authentication failure for SNMP

Hi all,

to security experts, I am suffering from an IP causing to me a "Authentication failure for SNMP" on my device..as I can see from the logs.

I need to know the right steps or procedures from the security engineers on dealing with such events:

1- how to protect my device
2- how to prevent it to harm me?
3-shall I send an abuse?
1 Solution
Miguel Angel Perez MuñozCommented:
On a local LAN may be a device with SNMP configured on another network that sends SNMP traps as is on her native network.
1- how to protect my device

Locate the source of these authentication failures on the LAN and determine the cause for the failure and either disconnect the device from the LAN or resolve the authentication issue. Likely this is a device setup to send traps with an incorrect community string.

2- how to prevent it to harm me?

No harm will be done other than log polluton from the excessive failure attempts. However, if it is a brute force of some type you will need to locate the device and disable it.

3-shall I send an abuse?

This is a device located on the LAN segment and likely just a misconfiguration so I would do some detective work first before anything else.
besmile4everAuthor Commented:
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

Join & Write a Comment

Featured Post

We Need Your Input!

WatchGuard is currently running a beta program for our new macOS Host Sensor for our Threat Detection and Response service. We're looking for more macOS users to help provide insight and feedback to help us make the product even better. Please sign up for our beta program today!

Tackle projects and never again get stuck behind a technical roadblock.
Join Now