One of the tasks that I have from one day to the next is to scan networks looking for trouble. Anything from open ports to rogue systems that happen to come online. One of the frustrating things that I see is the usage of default SNMP community strings on devices.
SNMP or Simple Network Management Protocol, for the uninitiated, is used in the network management of devices. The basic security aspect of these devices is the use of a community string. Now, network folks, I love ya, I used to be one but, come on now. Please ensure that you change the default strings when rolling out a new network device.
Most often, there is one community string which is used for read-only access to a network element. The default value for this community string is often “public“. Using this community string like a password, the NMS can retrieve data from network elements.
Less often, there is also a read-write community string. The default value for this is often “private“. Using this community string, the NMS can actually change MIB variables on a network element.
This will provide someone with the means if they bring they motive. Be sure to change these otherwise you might find ports mysterious flapping or switches bouncing. Just my rant for the day.
[tags]SNMP, Default Community Strings, Public String, Private String[/tags]