Can Your SNMP Service Be Hacked? Detect Weak Passwords and Harden Them Across All Platforms
This guide explains how to use nmap scripts to discover SNMP weak passwords, demonstrates various exploitation commands, and provides step‑by‑step hardening procedures for Windows, Linux, AIX, Solaris, and Cisco devices, including community string changes, whitelist configuration, and service management.
SNMP Weak Passwords and Security Hardening
Weak Password Detection
nmap -sU -p161 --script=snmp-brute ip // Find SNMP weak passwords
Weak Password Exploitation
nmap -sU -p161 --script=snmp-netstat ip // Get network port status
nmap -sU -p161 --script=snmp-sysdescr ip // Get system information
nmap -sU -p161 --script=snmp-win32-user ip // Get user information
Other Exploitation Methods
snmputil walk ip public .1.3.6.1.2.1.25.4.2.1 // List system processes
snmputil walk ip public .1.3.6.1.2.1.25.6.3.1.2 // List installed software
snmputil walk ip public .1.3.6.1.2.1.25.1.1.2 // List system information
snmputil get ip public .1.3.6.1.2.1.4.1.77.1.4.1.0 // List domain name
snmputil walk ip public .1.3.6.1.2.1.4.1.77.1.2.25.1.1 // List system users
Security Hardening
Locate: Use the port on which the SNMP weak password was found to identify the owning process ID and name.
Assess: Determine whether the running process is business‑related and whether it needs to be exposed externally.
Configure: If the service is unrelated, close the port (kill PID). If it is required, replace the weak community string with a strong one and apply whitelist controls.
Configure Passwords
Windows
Method 1:
1. Open Services → SNMP Service → Properties → Security.
2. Change the community name (SNMP password).
3. Configure whitelist.
4. Restart the service.
Method 2:
1. Run regedit.
2. Modify the weak community string:
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SNMP\Parameters\ValidCommunities
Delete "public" and replace with a strong password.
3. Set whitelist:
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\SNMP\Parameters\PermittedManagers
Linux
Method 1:
1. Edit the default community string:
vi /etc/snmp/snmpd.conf (change "public" to a strong string)
2. Optionally enable iptables (note possible performance impact).
3. Restart the SNMP service.
AIX
Default is snmpv3. Change community string in /etc/snmpdv3.conf or downgrade to v1.
Method 1:
1. Switch to v1: /usr/sbin/snmpv3_ssw -1
2. Stop service: stopsrc -s snmpd
3. Backup and edit password:
cp /etc/snmpd.conf /etc/snmpd.conf.bak
vi /etc/snmpd.conf
4. Restart service: startsrc -s snmpd
Method 2:
1. Stop service: stopsrc -s snmpd
2. Backup and edit password in snmpdv3.conf:
cp /etc/snmpdv3.conf /etc/snmpdv3.conf.bak
vi /etc/snmpdv3.conf
3. Restart service: startsrc -s snmpd
Solaris
1. Edit /etc/sma/snmp/snmpd.conf and replace the rocommunity "public" with a complex password.
2. Restart the SMA service:
svcadm disable sma
svcadm enable sma
Cisco
1. Enter configuration mode:
configure terminal
2. Delete default community names:
no snmp-server community public RO
no snmp-server community private RW
3. Set new community names:
snmp-server community security_partNer_guest RO // read‑only
snmp-server community security_partNer_admin RW // read‑write
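An added example (not from the original article): a small Python audit for the snmpd.conf edits in the Linux and Solaris sections, flagging default or short community strings and access lines with no source restriction. It assumes Net-SNMP directive syntax (rocommunity, rwcommunity, com2sec); the weak-name list, the 12-character minimum and the sample config are assumptions of this example.

```python
WEAK_NAMES = {"public", "private", "community", "snmp", "admin", "manager"}  # assumed list
MIN_LENGTH = 12  # assumed minimum length for a "strong" community string
OPEN_SOURCES = {None, "default", "0.0.0.0/0", "::/0"}  # no restriction on who may query
COMMUNITY_DIRECTIVES = {"rocommunity", "rwcommunity", "rocommunity6", "rwcommunity6"}

def parse_access_line(line):
    """Return (directive, community, source) for an access line, else None."""
    tokens = line.split()
    if not tokens or tokens[0].startswith("#"):
        return None
    directive, args = tokens[0].lower(), tokens[1:]
    if directive in COMMUNITY_DIRECTIVES and args:
        # rocommunity COMMUNITY [SOURCE [OID | -V VIEW]]
        return directive, args[0], args[1] if len(args) > 1 else None
    if directive in ("com2sec", "com2sec6"):
        # com2sec [-Cn CONTEXT] SECNAME SOURCE COMMUNITY
        if args[:1] == ["-Cn"]:
            args = args[2:]
        if len(args) >= 3:
            return directive, args[2], args[1]
    return None

def audit_snmpd_conf(text):
    """Return (line_number, issue) findings, in line order, for the config text."""
    findings = []
    for number, line in enumerate(text.splitlines(), start=1):
        parsed = parse_access_line(line)
        if parsed is None:
            continue
        _, community, source = parsed
        if community.lower() in WEAK_NAMES or len(community) < MIN_LENGTH:
            findings.append((number, "weak community string"))
        if source in OPEN_SOURCES:
            findings.append((number, "no source whitelist"))
    return findings

# Constructed sample config, not taken from a real host.
SAMPLE = """\
# snmpd.conf (constructed)
rocommunity public
rwcommunity private 192.0.2.0/24
com2sec notConfigUser default public
rocommunity Xk7-rT92qLm4vB_e 192.0.2.10
"""

if __name__ == "__main__":
    for number, issue in audit_snmpd_conf(SAMPLE):
        print(f"line {number}: {issue}")
```

To audit a real host, pass the contents of /etc/snmp/snmpd.conf (Linux) or /etc/sma/snmp/snmpd.conf (Solaris) to audit_snmpd_conf.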
MaGe Linux Operations
