Port 161

Port 161

Post by Manixchil » Fri, 27 Apr 2001 13:11:40

I have installed Portsentry and I am seeing Windows 9x/2000/NT machines
attempting to connect to port 161. What is it used for and should I be

-----= Posted via Newsfeeds.Com, Uncensored Usenet News =-----
http://www.newsfeeds.com - The #1 Newsgroup Service in the World!
-----==  Over 80,000 Newsgroups - 16 Different Servers! =-----


Port 161

Post by Dean Thompso » Fri, 27 Apr 2001 13:22:24


Quote:> I have installed Portsentry and I am seeing Windows 9x/2000/NT machines
> attempting to connect to port 161. What is it used for and should I be
> alarmed?

You shouldn't be too alarmed.  The chances are that your Windows machines
actually have SNMP clients on them.  Port 161 is the SNMP management protocol
port.  If you are not using SNMP to manage your network, you should probably
remove the SNMP clients off your Windows boxes.

See ya

Dean Thompson


| Bach. Computing (Hons)     | ICQ     - 45191180                         |
| PhD Student                | Office  - <Off-Campus>                     |
| School Comp.Sci & Soft.Eng | Phone   - +61 3 9903 2787 (Gen. Office)    |
| MONASH (Caulfield Campus)  | Fax     - +61 3 9903 1077                  |
| Melbourne, Australia       |                                            |


1. SNMP daemon not active on port 161 (or anywhere); daemon loaded.

I'm running RedHat 5.0+ (Updates to 5.0, but not a 5.1 fileset) and
I've loaded cmu-snmp.  I've edited /etc/snmpd.conf, though it's supposed
to work without changes, and I'm not getting any responses (even error
messages) from port localhost:161.

    Some issues:

    1. I'm using strobe to check ALL ports that might be listening.
This works for lpr, www, and all the better known protocols, but
wouldn't it show up if snmpd was set up properly?  (Otherwise I can't
really check it's operation.)

    2. Is there any authentication that I might be overlooking, simply
to look at the public MIBs?  I know there's authentication for writing
(anywhere) and reading private ones.

    All I want is enough of SNMP to work so that I can build my
understanding of it.  I've tried scotty; it worked even less than CMU.
I spent two hours last night trying to get their browser (tkined) as a
seperate package to no avail.  At least with  CMU I have parts the
ostensibly work without my learning SNMP AND Tcl/TK all at the same

    I just don't have enough 'parts' that work enough to tell if I can
even use the final result.  Usually this would be because I lacked a
certain library file that the tarball needs...but I'm installing by RPMs
here, RPMs that SHOULD have been packed by someone who knows when the an
implementation of SNMP is working.  (He'd know better than I).

    One more thing...did someone forget the first word of the SNMP
acronym?  Simple?  There are tons of subsets for this technology.  There
are agents that can only send a value (and only one) after receiving a
single request....and there are superior agents that will answer
anyone's request no matter how many times it's asked. (Asynchronous
traps.)  The funny thing is, CMU uses synchronous traps, and IT'S
declared the standard.

    At what point does the 'simple' kick in?


Brian Fahrlander                       Problem Solver, Technomad, and
Evansville, IN
 Whitewater isn't over until the First Lady sings.

2. How to define printers?

3. UDP Hits on port 161

4. /etc/passwd root entry bad shell any recovery ?

5. "UDP port 161" concern??

6. login problem

7. Can't bind port 161

8. Recieve errors with Taylor UUCP under Solaris 2.1

9. Port 161 SNMP (Simple Network Management Protocol)

10. getting bash to run on netbsd 161/sparc

11. test 161

12. Sample tests for 161

13. Probe to 161