LAST UPDATED: 2022-08-29
This report identifies hosts with SNMPv2 publicly accessible, that are responding to the community “public”, and that have the potential to be used in amplification attacks by criminals who wish to perform denial of service attacks.
The OID being probed for is 1.3.6.1.2.1.1.1.0 (sysDescr) and if the host responds to that probe, the host is then probed for OID 1.3.6.1.2.1.1.5.0 (sysName). The analogous shell commands would be:
snmpget -c public -v 2c [ip] 1.3.6.1.2.1.1.1.0
snmpget -c public -v 2c [ip] 1.3.6.1.2.1.1.5.0
For more details behind the scan methodology and a daily update of global SNMP scan statistics please visit our dedicated SNMP scan page.
You can learn more on the report in our Open SNMP Report tutorial.
You can learn more on our reports in general in our Overview of Free Public Benefit Shadowserver Reports presentation, which also explains example Use Cases.
For more information on our scanning efforts, check out our Internet scanning summary page.
Filename: scan_snmp