Port 161 - SNMP

SNMP 'GETBULK' Reflection DDoS

Run the below command and take POC from wireshark. filter SNMP. the response will be higher than request

snmpbulkget -v2c -Cn0 -Cr2500 -Os -c public 1.3.6.1.2.1 [IP]

Recommendation

Restrict and monitor access to this service, and consider changing the default 'public' community string

Links

GitHub - vpnguy-zz/snmpdos: Create a DDOS attack using SNMP serversGitHub

GitHub - mucomplex/Pentest_checklistGitHub