SANS Tool Detects SNMP
eWeek Labs has tested a free tool from the SANS Institute that makes it much easier and faster to find rogue SNMP.Network administrators have been scrambling on the recent news about the serious security vulnerability in SNMP, but port scanners have proved ill-equipped for the task of full SNMP disclosure. eWeek Labs has tested a free tool from the SANS Institute that makes it much easier and faster to find rogue SNMP. SNMPing, available for download from www.sans.org, is a simple Windows-based tool that can quickly scan all systems in a network to find those running SNMP. The tool searches on port 161, the default for SNMP, but it can be configured to look at any port.
In less than 2 minutes, SNMPing scanned our entire Class C lab network for rogue SNMP, and we were surprised by the results: The tool detected a network printer, a wireless access point and a test NetWare server that had SNMP enabled.