SNMPv3 Measurement Service

On this website we present results from ongoing SNMPv3 measurements, provide access to raw SNMPv3 measurement results to fellow researchers, and show additional information about our IMC 2021 paper Third Time's Not a Charm: Exploiting SNMPv3 for Router Fingerprinting.

We run continuous SNMPv3 measurements on the full IPv4 address space and based on the IPv6 Hitlist Service.

Get the data

We make the raw measurement results available to fellow researchers. To get free access to the data, you can send a quick registration email. We use the registration data for statistical purposes and might very occasionally send a survey or other requests for feedback.

Referencing the SNMPv3 Measurement Service

If you are using data from the SNMPv3 Measurement Service in your publication, please cite it with the following reference: @inproceedings{albakour2021third,
   title = {Third Time's Not a Charm: Exploiting SNMPv3 for Router Fingerprinting},
   author = {Albakour, Taha and Gasser, Oliver and Beverly, Robert and Smaragdakis, Georgios},
   booktitle = {Proceedings of the 2021 ACM Internet Measurement Conference},
   year = {2021},
   month = nov,
   doi = {10.1145/3487552.3487848},
   location = {Virtual Event}
}

Paper

Download paper: Third Time's Not a Charm: Exploiting SNMPv3 for Router Fingerprinting

Abstract. In this paper, we show that adoption of the SNMPv3 network management protocol standard offers a unique—but likely unintended—opportunity for remotely fingerprinting network infrastructure in the wild. Specifically, by sending unsolicited and unauthenticated SNMPv3 requests, we obtain detailed information about the configuration and status of the network device including vendor, uptime, and the number of restarts. More importantly, the reply contains a persistent and strong identifier that allows for lightweight Internet-scale alias resolution and dual IPv4/IPv6 stack association. By launching active Internet-wide SNMPv3 scan campaigns, we show that our technique can fingerprint more than 12 million devices and around 350k network routers. Not only is our technique lightweight and accurate, it is complementary to existing alias resolution, dual-stack inference, and fingerprinting approaches. Our analysis not only provides fresh insights into the router deployment strategies of network operators worldwide, but also highlights potential vulnerabilities of SNMPv3 as currently deployed.

Authors. Taha Albakour, Oliver Gasser, Robert Beverly, and Georgios Smaragdakis.

Partners

Acknowledgments. This work was funded in part by the European Research Council (ERC) Starting Grant ResolutioNet (ERC-StG-679158), BMBF BIFOLD 01IS18025A and 01IS18037A, and the U.S. National Science Foundation NSF CNS-1855614.

Contact

Imprint / Data Protection