The Simple Network Management Protocol (SNMP) is an extremely useful protocol for monitoring and managing TCP/IP networks. Most networked systems come with at least a basic SNMP service enabled by default, allowing you to collect information about your network remotely. If write access is enabled, SNMP can also be used to configure devices on your network remotely.
Since read-only SNMP is enabled by default on many systems, it is an attacker’s dream. An attacker can use SNMP to map out your entire network, find out MAC and IP address binding, and even find out exactly what hardware you are using and what software versions you are running. At attacker can then use that information to search vulnerability databases and analyze your network for vulnerable trust relationships.
The following example shows just how much information an attacker can gain about your router and network through unsecured SNMP. Using the Net-SNMP snmpwalk program to get the routers system information through SNMP, you see:
snmpwalk -v1 RouterOne public systemsystem.sysDescr.0 = Cisco Internetwork Operating System Software IOS (tm) C2600 Software (C2600-DO3S-M), Version 12.0(5)T1, RELEASE SOFTWARE (fc1) Copyright (c) 1986-1999 by cisco Systems, Inc. Compiled Tue 17-Aug-99 13:18 by cmong system.sysContact.0 = Jane Doe <firstname.lastname@example.org> - Office BB 983 - x3334 system.sysName.0 = RouterOne system.sysLocation.0 = Building A Basement - Closet 936
You now have the exact hardware and ...