Data from our site would include a certain bi-coastal router vendor
(who is not Cisco) that likes to use one of our class B networks for
"internal testing purposes", and occassionally leaks their SNMP
testing out to the Internet.
Our solution was to block SNMP access from non-local sites, regardless
of community string. It doesn't prevent the routers from logging the
access violation, but it does prevent the remote prober from getting
any useful information.
Scott M. Ballew
Purdue Data Network
Purdue University