GEN:SID 1:1893
Message SNMP missing community string attempt
Summary This event is generated when SNMP communications do not contain a
community name.
Impact Medium to Serious. Depending on if the community string was for
read-only, read-create or read-write an attacker could gain a varying
level of access to a system.
Detailed Information An SNMP community string is the authentication process that a host
running SNMP uses to grant access. By supplying a blank community string
and attacker may be attempting to gain access to SNMP functionality for
a device that has not been configured correctly.
Affected Systems Numerous. Routers, switches, servers, NAS systems, many others.
Attack Scenarios An attacker can launch a scan of all network attached devices looking
for port 161 (UDP) and then attempt to gain access using SNMP.
Ease of Attack Simple. There are many free SNMP "tree walking" programs, an example of
such is getIF.
Corrective Action Ensure that all devices using SNMP have a community string assigned.

Make sure that all devices that have SNMP turned on have complex
passwords assigned.

Disable unneeded WRITE / CREATE community strings.

Since SNMP traffic is not encrypted, use a packet filtering firewall to
restrict SNMP communications to the protected network.
Additional References GetIF:
http://www.wtcs.org/snmp4tpc/getif.htm

CVE:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-1999-0517
Rule References bugtraq: 2112
cve: 1999-0517