SNMP Enumeration

What is SNMP?

The Simple Network Management Protocol is used to manage and monitor hardware devices connected to a network. To utilise SNMP in this fashion you need three distinct components:

• Network Management System

• SNMP Agents

• Managed devices (SNMP agent deployed)

The managed devices records information and by use of the deployed agent communicates with the overarching Network Management System.  This information is stored in  a Management Information Base (MIB).

SNMP is dangerous as it is a clear text protocol and as such could potentially provide valuable information to an attacker

You may have heard of SNMP Community Strings, the default are Public and Private.  Should you be utilising SNMP in your domain, these should be changed as they are the first strings that an attacker will try to gain information about your network and more dangerously, control over your hardware.

Another term of note is SNMP Traps, this is generally when a device has been configured to receive pre-configured alerts/ information from other clients.

SNMP uses UDP Port 161 to communicate.

A more detailed explanation and links to associated documentation and RFC's etc. can be found here.

Hopefully the tools I have reviewed will go some way to help you enumerate any SNMP servers you find.