Paper Info
Title
Third time's not a charm: exploiting SNMPv3 for router fingerprinting
Abstract
ABSTRACTIn this paper, we show that adoption of the SNMPv3 network management protocol standard offers a unique---but likely unintended---opportunity for remotely fingerprinting network infrastructure in the wild. Specifically, by sending unsolicited and unauthenticated SNMPv3 requests, we obtain detailed information about the configuration and status of network devices including vendor, uptime, and the number of restarts. More importantly, the reply contains a persistent and strong identifier that allows for lightweight Internet-scale alias resolution and dual-stack association. By launching active Internet-wide SNMPv3 scan campaigns, we show that our technique can fingerprint more than 4.6 million devices of which around 350k are network routers. Not only is our technique lightweight and accurate, it is complementary to existing alias resolution, dual-stack inference, and device fingerprinting approaches. Our analysis not only provides fresh insights into the router deployment strategies of network operators worldwide, but also highlights potential vulnerabilities of SNMPv3 as currently deployed.
Year
DOI
Venue
2021
10.1145/3487552.3487848
Internet Measurement Conference
DocType
ISSN
Citations 
Conference
Proceedings of the 2021 ACM Internet Measurement Conference (IMC '21)
0
PageRank 
References 
Authors
0.34
0
4
Name
Order
Citations
PageRank
Taha Albakour100.34
Oliver Gasser2709.35
Robert Beverly336132.92
Georgios Smaragdakis464744.52