SNMP TCP Port is Open on Nexus 3K

salam.ahmad1
Level 1

Hi all,

While configuring a new Nexus 3K, I'd noticed some strange behavior I couldn't resolve regarding SNMP.

I'd set up communities, bound them to an access-list with certain permission to query the equipment, and it works. Only permitted hosts in the ACL are allowed to query the equipment.

This is available only when issuing the command snmp-server protocol enable.

The problem is that once this is enabled, the snmpd process opens incoming access to tcp/161 with no dependency whatsoever on the ACL.

NMAP from the world

[13:16]netmon~$ nmap <host>

Starting Nmap 4.20 ( http://insecure.org ) at 2015-03-02 13:18 IST
Interesting ports on <host> (ip)
Not shown: 1695 closed ports
PORT    STATE SERVICE
161/tcp open  snmp
 

Telnet from the world

[13:18]netmon~$ telnet <host> 161
Trying (ip)...
Connected to <host>
Escape character is '^]'.

Connection closed by foreign host.

Process Outputs

N7K-1-vdc1# sh processes | i snmpd
 7996      S  f6d914b2            1     -    VL  snmpd

N7K-1-vdc1# sh process stack 7996
PID: 7996, Cmdline: /isan/bin/snmpd-f-sudp:161udp6:161tcp:161tcp6:161
Process Kernel Stack:
[<ffffffff802cabfa>] [<ffffffff802edc38>] [<ffffffff802ee046>] [<ffffffff802298e2>] [<ffffffffffffffff>]
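
An audit check for the situation described in the post above, added here as an example that is not part of the original post: it reads the listener specifiers from the snmpd Cmdline line and cross-checks them against the nmap result. The function names and the UDP-only policy are assumptions; the sample text is copied from the post.

```python
import re

# Output copied from the post above (show process stack for the snmpd PID).
STACK_OUTPUT = """\
PID: 7996, Cmdline: /isan/bin/snmpd-f-sudp:161udp6:161tcp:161tcp6:161
Process Kernel Stack:
"""

# nmap result lines copied from the post above.
NMAP_OUTPUT = """\
PORT    STATE SERVICE
161/tcp open  snmp
"""

# transport:port specifiers; longer names first so "udp6" is not read as "udp".
# Works even though the Cmdline is shown with its argument separators dropped.
LISTENER_RE = re.compile(r"(udp6|tcp6|udp|tcp):(\d+)")
NMAP_RE = re.compile(r"^(\d+)/(tcp|udp)\s+open\b", re.M)


def snmpd_listeners(stack_output):
    """Return (transport, port) pairs from the snmpd Cmdline line."""
    m = re.search(r"Cmdline:\s*(\S*snmpd.*)$", stack_output, re.M)
    if not m:
        return []
    return [(t, int(p)) for t, p in LISTENER_RE.findall(m.group(1))]


def open_ports(nmap_output):
    """Return (proto, port) pairs that nmap reported as open."""
    return [(proto, int(port)) for port, proto in NMAP_RE.findall(nmap_output)]


def unexpected_listeners(stack_output, nmap_output, allowed=("udp", "udp6")):
    """Listeners outside the assumed UDP-only policy, with scan confirmation.

    The confirmation flag matches on protocol and port only; it does not
    distinguish IPv4 from IPv6.
    """
    scanned = set(open_ports(nmap_output))
    findings = []
    for transport, port in snmpd_listeners(stack_output):
        if transport in allowed:
            continue
        proto = "tcp" if transport.startswith("tcp") else "udp"
        findings.append((transport, port, (proto, port) in scanned))
    return findings
```

On the post's output, `unexpected_listeners(STACK_OUTPUT, NMAP_OUTPUT)` reports both `tcp:161` and `tcp6:161`, with the TCP port confirmed open by the scan.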

 
