SNMP Agent Responds to Any Community Name

• Microsoft Windows NT operating system version 3.1

Windows NT provides support for Microsoft Simple Network Management Protocol (SNMP) on a TCP/IP network. The security options for SNMP include a list of community names. If you remove all the community names, including the default name, Public, SNMP will respond to any community names presented.

This is expected behavior, as described in the request for comments document, RFC 1157:

   An SNMP message originated by an SNMP application entity that
   in fact belongs to the SNMP community named by the community
   component of said message is called an authentic SNMP message.
   The set of rules by which an SNMP message is identified as an
   authentic SNMP message for a particular SNMP community is called
   an authentication scheme. An implementation of a function that
   identifies authentic SNMP messages according to one or more
   authentication schemes is called an authentication service.

   Clearly, effective management of administrative relationships
   among SNMP application entities requires authentication services
   that (by the use of encryption or other techniques) are able to
   identify authentic SNMP messages with a high degree of certainty.
   Some SNMP implementations may wish to support only a trivial
   authentication service that identifies all SNMP messages as
   authentic SNMP messages.

   Some SNMP implementations may wish to support only a trivial
   authentication service that identifies all SNMP messages as
   authentic SNMP messages.