Cisco Blogs


Cisco Blog > Security

SNMP: Spike in Brute-force Attempts Recently Observed

Simple Network Monitoring Protocol (SNMP) has been widely deployed as an important network management tool for decades, is a key component of scalable network device management, and is configurable in nearly all network infrastructure devices sold today. As with any management protocol, if not configured securely, it can be leveraged as an opening for attackers to gain access to the network and begin reconnaissance of network infrastructure. In the worst case, if read-write community strings are weak or not properly protected, attackers could directly manipulate device configurations.

Cisco has recently seen a spike in brute-force attempts to access networking devices configured for SNMP using the standard ports (UDP ports 161 and 162). Attacks we’ve observed have been going after well known SNMP community strings and are focused on network edge devices. We have been working with our Technical Assistance Center (TAC) to assist customers in mitigating any problems caused by the brute-force attempts.

While there’s nothing new about brute-force attacks against network devices, in light of these recent findings, customers may want to revisit their SNMP configurations and ensure they follow security best practices, including using strong passwords and community strings and using ACLs to restrict access to trusted network management endpoints.

Cisco has published a number of best practices documents for securing the management plane, including SNMP configuration:

Tags: , , , , ,

Leave a comment

2 Comments.


  1. Link for XR devices is faulty,
    please use this one:
    http://www.cisco.com/web/about/security/intelligence/CiscoIOSXR.html#28

       0 likes

  2. John Stuppi

    Thanks for letting us know – it has been fixed!

       0 likes

Leave a Reply

We'd love to hear from you! To earn points and badges for participating in the conversation, join Cisco Social Rewards. Your comment(s) will appear instantly on the live site. Spam, promotional and derogatory comments will be removed.

Earn badges for your comments. Start today! Creating an account is fast and easy.
Learn More.

Already a rewards member?