Overview

This article guides you on how to perform SNMP Audits on network targets and identify weak community strings using the SNMP Audit Tool in GFI LanGuard.

Information

GFI LanGuard uses the Simple Network Management Protocol (SNMP) to obtain information, like hardware specifications and operating system version, from network devices, such as servers, computers, printers, hubs, switches, and routers.

Through SNMP, GFI LanGuard can monitor network performance, audit network usage, and detect network faults.

SNMP Audit Tool

• This tool identifies weak SNMP community strings by performing a dictionary attack using the values stored in its default dictionary file snmp–pass.txt.
• You can add new community strings to the default dictionary file by using a text editor, for example, notepad.exe.
• You can also direct the SNMP Audit Tool to use other dictionary files.
  To achieve this, specify the path to the dictionary file from the Options dialog.

Process 

To perform SNMP Audits on network targets and identify weak community strings:

1. Launch GFI LanGuard.
2. Go to Utilities and select SNMP Audit in the left pane under Tools.
3. Under IP address or range of IP addresses for computer(s) running SNMP, specify the IP to reach.
4. To edit the default options, such as providing alternative community strings, choose from one of the steps below: 
   • Under Common Tasks in the left pane, click Edit SNMP Audit Options.
   • Click the Options button on the top-right section of the screen.
5. Click Retrieve to start the process.