There are freely available tools that are designed for the sole purpose of gathering SNMP information as it crosses the network. They require access to a portion of the network through which the SNMP packets must pass. This can be accomplished by the hacker gaining access to the internal network, or by internal users who collect information for the purpose of doing damage or providing the information to hackers.

One such tool is called snmpsniff. It will pull copies of SNMP packets off of the network and display them to the user, pointing out the exact community string used for the packet. A switched network, which will be discussed later, is a good countermeasure to this threat.