Open SNMP servers are used as reflector in distributed reflected denial of service (DDoS) attack. In this article we show how to protect your SNMP server against abuse.
Step 1
Open the file '/etc/snmp/snmpd.conf':
sudo nano /etc/snmp/snmpd.conf
Step 2
Change the value of 'AgentAddress' to udo:127.0.0.1:161. Any additional AgentAddress should be removed or commented out. Save and close the file afterwards (ctrl + x > y > enter).
Step 3
Use the following command to restart the SNMP server:
service snmpd restart
You can very that your server is no longer vulnerable using the command:
netstat -ln | grep 161 | grep -v 127.0.0.1
This command should return no results.
Should you have any questions left regarding this article, do not hesitate to contact our support department. You can reach them via the ‘Contact Us’ button at the bottom of this page.