• Status: Solved

SNMP question

Recently I received a call from our security team; they found that a Cisco router could be accessed through 3 public fixed IPs with SNMP.
I checked the router config but did not see any clue.
Would there be anything I should look into further in the router in order to verify?
Asked by: techy98
1 Solution
 
netcmh Commented:
Once logged in, issue the "show running-config | inc snmp-server" command.

You'll see:

snmp-server community public RO

or something like that. Change it to something more secure and turn off SNMP access from the outside via ACLs.

techy98 (Author) Commented:
Thanks Netcmh! For example, if the range of public fixed IPs is 1.1.1.0/25, then 1.1.1.30, 1.1.1.31 and 1.1.1.126 can be accessed from outside and only SNMP v2 can be used. Based on your suggestion, should I configure it like this?

conf t
access-list 110 deny udp any any eq snmp
access-list 110 permit ip any any interface f0/0
access-group 110 in

netcmh Commented:
Close.

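conf t
 ! Extended ACL: drop SNMP (UDP/161) from any source, permit everything else
 access-list 110 deny udp any any eq snmp
 access-list 110 permit ip any any
interface f0/0
 ! Apply the ACL to inbound traffic on f0/0
 ip access-group 110 in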

arnold Commented:
Before adding the above, check what external access list, if any, is currently applied; usually the incoming ACL includes access restrictions, i.e. management of the device from dedicated locations.
The scan might be originating from an "authorized" location within the company, i.e. the restriction is in place from external sources.

There are SNMP tools; try to see if you can access it from outside your company's network.
Question has a verified solution.
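
An added example, not code from any poster in this thread: a Python sketch that audits a saved "show running-config" for the points raised above (default or unrestricted community strings, which inbound ACL each interface already has, and whether that ACL drops UDP/161 before a broad permit). The sample config is constructed, and the parser assumes numbered ACLs and the "snmp-server community <string> RO|RW [acl]" form without a view.

```python
import re

# Constructed sample running-config for illustration (not the poster's router).
SAMPLE_CONFIG = """\
snmp-server community public RO
snmp-server community EXAMPLE-STRING RO 10
access-list 10 permit 192.0.2.0 0.0.0.255
access-list 110 deny udp any any eq snmp
access-list 110 permit ip any any
interface FastEthernet0/0
 ip access-group 110 in
interface FastEthernet0/1
 ip address 10.0.0.1 255.255.255.0
"""

def audit_snmp(config):
    """Return a list of findings about SNMP exposure in an IOS-style config."""
    findings, acls, inbound, iface = [], {}, {}, None
    for line in config.splitlines():
        s = line.strip()
        if not line.startswith(" "):  # a top-level command ends any interface block
            iface = s.split(None, 1)[1] if s.startswith("interface ") else None
            if iface:
                inbound[iface] = None
        m = re.match(r"snmp-server community (\S+) (RO|RW)(?: (\S+))?$", s, re.I)
        if m:
            name, _mode, acl = m.groups()
            if name.lower() in ("public", "private"):
                findings.append(f"default community '{name}'")
            if acl is None:
                findings.append(f"community '{name}' has no source ACL")
        m = re.match(r"access-list (\d+) (.+)$", s)
        if m:
            acls.setdefault(m.group(1), []).append(m.group(2))
        m = re.match(r"ip access-group (\S+) in$", s)
        if m and iface:
            inbound[iface] = m.group(1)
    for iface, acl in inbound.items():
        # ACLs are first-match: SNMP is dropped only if the deny for UDP/161
        # comes before any entry that permits all IP or all UDP traffic.
        first = next((e for e in acls.get(acl, []) if re.match(
            r"deny udp any any eq (snmp|161)$|permit (ip|udp) ", e)), "")
        if not first.startswith("deny"):
            findings.append(
                f"{iface}: inbound ACL ({acl or 'none'}) does not drop UDP/161")
    return findings
```

The FastEthernet0/1 finding in the sample corresponds to arnold's point: an interface with no inbound filter still answers SNMP from whatever network sits behind it.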
