Block snpm from outside

Options
RolfKlein
RolfKlein Posts: 1
in Security
Dear community,

my service Provider is reporting to me our router has an 
"open simple network management protocol" 

ip address: www.xxx.yyy.zzz
source_port: 161
ServiceName: snmp
asn: 3209
TransportProtocol: udp
sysdesc: ZyWALL 110
sysname: zywall-110

They asked to close the port because of possible DDoS-Reflection-Attacks.

I tryed to close it by adding a security policy:

from: WAN
to: Zywall
IPv4 Source: any
IPv4 Destination: any
Service: SNMP_UDP
User: any
Shedule: none:
Action: deny

but this does not take any effect.
Can anybody give me advise how to close the Port? Our System is the ZyWALL 110.

Thanks in advance.

Accepted Solution

  • jasailafan
    jasailafan Posts: 191  Master Member
    First Anniversary 10 Comments Friend Collector First Answer
    Answer ✓
    Options
    Try to disable SNMP or add a rule "deny" in service control.

All Replies

  • jasailafan
    jasailafan Posts: 191  Master Member
    First Anniversary 10 Comments Friend Collector First Answer
    Answer ✓
    Options
    Try to disable SNMP or add a rule "deny" in service control.

  • Julien_ALM
    Julien_ALM Posts: 10
    First Anniversary Friend Collector First Comment
    Options
    Try to modify your security police indicated above :

    From : any
    to : WAN
    IPv4 Source: any
    IPv4 Destination: any
    Service: SNMP_UDP
    User: any
    Shedule: none:
    Action: deny

    I Think your router is trying to communicate to the outside (your service provider)

Categories

Security Highlight


Read more

Security Help Center

EnglishTiếng ViệtРусскийไทย中文(台灣)