[8516] in North American Network Operators' Group
Re: SNMP probers
daemon@ATHENA.MIT.EDU (Todd Graham Lewis)
Wed Apr 9 11:21:49 1997
Date: Wed, 9 Apr 1997 11:05:57 -0400 (EDT)
From: Todd Graham Lewis <lists@reflections.eng.mindspring.net>
To: Randy Bush <randy@psg.com>
cc: nanog@merit.edu
In-Reply-To: <m0wEyMU-000IUoC@roam.psg.com>
On Wed, 9 Apr 1997, Randy Bush wrote:
> What do folk do about persistent SNMP probers? I.e. j random clueless sites
> which keep querying one's backbone router(s). E.g. this morning I get the
> NOC shift change report with the folk hammering on our routers as if we were
> stupid enough to use 'public' as the community string.
(...)
> So every day some poor NOC person has to search these folk down with the
> great tools we have, send email, get told they're nazi idiots, ...
>
> So what do folk do about this?
So long as they only probe with the "public" string, we ignore it. If
they start trying to guess our strings, then we go after them. Most of
our equipment can tell the difference, and we bug vendors to fix the rest.
__
Todd Graham Lewis MindSpring Enterprises tlewis@mindspring.com
