CrowdSupport®
Brad-99
Level 3: Gumshoe

blocked SNMP on Telstra HFC

Looks like, at a network level, Telstra are blocking SNMP queries from the internet to my router.

 

Does anyone know how I get Telstra to turn that "feature" off?

 

Specifically - my router is not able to receive any packets on UDP port 161.

My router can accept other incoming queries just fine (like SSH), just UDP 161 is the problem.

Was this helpful?

  • Yes it was, thank you
  • No, I still need help
7 REPLIES 7
Level 24: Supreme Being
Level 24: Supreme Being

Re: blocked SNMP on Telstra HFC

Have you port forwarded UDP port 161 in the modem?
Brad-99
Level 3: Gumshoe

Re: blocked SNMP on Telstra HFC

The HFC modem is in bridge-mode, so port-forwarding is not required.
I have not port-forwarded the modem for SSH (and other ports) and they all get to the router.
Level 21: Augmented

Re: blocked SNMP on Telstra HFC

SNMP is widely considered to be a security risk (e.g. https://www.us-cert.gov/ncas/alerts/TA17-156A)and is very often allowed only inside tightly controlled networks, often only on segregated VLANs. So I am not surprised that somewhere on the route to your modem, someone blocks it on their router...
DISCLAIMER: I do not work for Telstra or any other ISP. I never did. I have wealth of practical knowledge in Computer Security and Forensic Computing. I have been in the field since 1985.

Likes (formerly Kudos) and solutions are appreciated!!!
The comments expressed by me reflect my user experience and personal opinion.
Brad-99
Level 3: Gumshoe

Re: blocked SNMP on Telstra HFC


@ForensicsGuru wrote:
SNMP is widely considered to be a security risk (e.g. https://www.us-cert.gov/ncas/alerts/TA17-156A)and is very often allowed only inside tightly controlled networks, often only on segregated VLANs. So I am not surprised that somewhere on the route to your modem, someone blocks it on their router...
This isnt a remotely helpful answer, nor an accurate one.  SNMP is in widespread use across the internet, you could find/replace SNMP with SSH in TA17-156A and the principles would still hold true.



 
Level 21: Augmented

Re: blocked SNMP on Telstra HFC

If you can make claim comparing security of SSH and SNMP, I have nothing else to say... You obviously do not have any idea about real computer security.
DISCLAIMER: I do not work for Telstra or any other ISP. I never did. I have wealth of practical knowledge in Computer Security and Forensic Computing. I have been in the field since 1985.

Likes (formerly Kudos) and solutions are appreciated!!!
The comments expressed by me reflect my user experience and personal opinion.
Brad-99
Level 3: Gumshoe

Re: blocked SNMP on Telstra HFC

Again, your not being helpful, and your not reading my post.  "same principles apply" - lock down SNMP like you would SSH using ACL's, passwords, limited views, etc.

 

None of this is answering my initial question, your just diverting the discussion because?

 

Level 21: Augmented

Re: blocked SNMP on Telstra HFC

No, I am not diverting anything. Telstra or someone else on the route decided that SNMP is a security risk and decided to block it. Full stop. You won't get them to change it for you...
DISCLAIMER: I do not work for Telstra or any other ISP. I never did. I have wealth of practical knowledge in Computer Security and Forensic Computing. I have been in the field since 1985.

Likes (formerly Kudos) and solutions are appreciated!!!
The comments expressed by me reflect my user experience and personal opinion.

Telstra Smart Modem

Plug in and connect in minutes. Smart.

Find out more
Find out more about the Telstra 24x7 App ×
Manage your services and take advantage of offers while you’re out and about with the Telstra 24x7® App Find out more
Earn points on our new rewards program and enjoy tier benefits like discounted movie tickets and moreFind out more

Need a hand or want to share your expertise?
Register for CrowdSupport and get involved

Register now