I received a voice mail today indicating there was an issue related to a SNMP reflection attack on my internet connection with 48 hours to resolve it or lose my service. This evening I spent over two hours running virus scans - calling Rogers Support - reading through info in emails sent by Rogers detailing the issue - checking to make sure my router firmware was updated - same with my MacBook. However I told the second rep that I couldn't access the Rogers modem or router associated with my Rogers Home Security - he advised I should call back and request Tier 2 - so I did and after explaining the issue again - I was told this was an error that my internect connection is fine and a number of customers received this message in error.
Has anyone else received this particular message related to the SNMP attack? If so - have you been able to confirm it was an error and your internet service won't be disrupted?
Solved! Solved! Go to Solution.
I have not received this kind of warning, nor have I encountered this issue. I am not sure what Rogers was trying to do or accomplish in this instance.
SNMP (Simple Network Management Protocol) does seem to have the potential for problems. See the following:
where they state the following:
"The recommendations of the BITAG include:
To protect yourself from this kind of attack, simply make sure that SNMP is disabled on your router, modem, and PC. This is not a virus or malware isue, but is a question of what you have enabled on the devices in your network.
In most cases you will not use SNMP in any case, so nothing is lost.
This is probably an extention, or the same sort of message that some have got before, RE: having a rootkit or similar thing on their connection, spaming IN or OUT.
Due to the nature of it, which can be used for a DDOS attack, like Skinorths link talks about... they can spam a directed PC, etc with a large volume of connections, which disables the device... but this large volume of connections at once, can bring other network equipement along the way down as well, or at least end up lessening its capabilities.. which could effect anyone else in the area going through the same equipment.
As skinorth said.. can be good to turn that OFF, just as a saftey thing.
Thank you for the feedback - I had another conversation with Rogers tech support - I was told during a third call that the message was sent in error to a number of customers in the data base - and - my account is ok. I double checked this morning with tech support and all is well.
I had never made any changes to the original setup - Rogers did add another router when my Home Security system but that was the only change so as you can appreciate the original call and description of the issue caught me off guard.
I am having the same problem. After two calls to tech support I am no farther ahead. I have checked the router and my two laptops. Nothing is set to "public" or to have an open SMNP. I keep getting the "abuse" emails. No virsuses, all setting correct. There isn't anything else I can do.
It turns out that someone is spoofing Rogers . Techxpert can find no problem logged on my account.
But I now have a very clean computer!
And I found a great resource to test my d-link router's security. Gibson Research Corporation's Shields Up analyser.
OK this is frustrating...the calls have started up again. I spent another weekend working with the tech dept. Finally one person told me to uncheck the upnp ( plug and play) setting on my d-link router. I did so, then ran a battery of rootkit, virus, and spyware tests. Also did a thorough clean. Nothing came up as dangerous.
AND NOW THE CALLS HAVE STARTED AGAIN!
Internet will be cut off in 48hrs unless I download Rogers Online Protect.
Well Rogers Protect bogged my computer down. I'm using another brand.
Is this just the sales dept trying to get people to upgrade to premium?
Also I was bumped up to the paid level of support lst time I called.
Is this Rogers just trying to drum up business for their paid techs?