Results 1 to 3 of 3

Thread: SNMP Broadcast

Thread Tools
- Show Printable Version
Display
- Switch to Linear Mode
- Switch to Hybrid Mode
- Threaded Mode

Threaded View

December 17th, 2003, 04:11 PM #1
netknow

View Profile

View Forum Posts

Visit Homepage
Junior Member

Join Date

Jun 2002

Posts

15
SNMP Broadcast

Does any one know of a worm or a hack that uses SNMP Broadcast on port 161 on a Windows NT 4 service pack 6a machine? I am picking up about 4 broadcast a minute on the snort logs coming from the NT 4 server. The broadcast is flooding the entire network and have been occuring for about a week and half now. The broadcast address is 255.255.255.255:161 and on the machine, and the SNMP packets originate from ports ranging from 1045-4976, and broadcast in sequential order, but not exactly 1045.1046,1047. It is more like 1045,1051,1066,1101,.. and so forth. Any help would be appreciated.
Reply With Quote

Quick Navigation Microsoft Security Discussions Top

« Previous Thread | Next Thread »

Posting Permissions

You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
[VIDEO] code is On
HTML code is Off

Forum Rules

Advertiser Disclosure: Some of the products that appear on this site are from companies from which TechnologyAdvice receives compensation. This compensation may impact how and where products appear on this site including, for example, the order in which they appear. TechnologyAdvice does not include all companies or all types of products available in the marketplace.

Thread: SNMP Broadcast

Thread Tools

Display

Threaded View

SNMP Broadcast

Posting Permissions