|
North American Network Operators Group Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical Re: SNMP probers
> On Wed, 9 Apr 1997, Randy Bush wrote: > > > So every day some poor NOC person has to search these folk down with the > > great tools we have, send email, get told they're nazi idiots, ... > > > > So what do folk do about this? > > Or someone could do a Tony Bates impression and collect the naughty SNMP > prober data from various providers and post a weekly hall of shame report > to this list. If there are a significant number of non-providers then this > list could also be posted on a USENET snmp group and on a web page. Data from our site would include a certain bi-coastal router vendor (who is not Cisco) that likes to use one of our class B networks for "internal testing purposes", and occassionally leaks their SNMP testing out to the Internet. Our solution was to block SNMP access from non-local sites, regardless of community string. It doesn't prevent the routers from logging the access violation, but it does prevent the remote prober from getting any useful information. Scott M. Ballew Purdue Data Network Purdue University - - - - - - - - - - - - - - - - -
|