SNMP service uses a random port for management traps


Symptoms


While SNMP service is running it may be noticed via the netstat Command Line utility that in addition to the well known ports for sending and receiving SNMP traps (161/162) that a random ephemeral port has been created by the service as well.

Cause


The random port usage is intended behavior and is opened for the purpose of sending "management" traps such as COLD START, LINK UP, and LINK DOWN, among others.  This port will remain in the system while the SNMP service is running, but is not actively used unless a management trap is to be sent outbound.  Since SNMP does not listen for inbound packets on this random port, this does not present a security vulnerability.

Resolution


This random port usage does not pose a security threat and can be safely ignored.