This alert is triggered when an external source sends an SNMP getbulk request to an internal Windows server on UDP port 161. This behavior may be associated with attempts to gather network information, potentially as part of reconnaissance or exploiting CVE-2002-0013 and CVE-2002-0012, known vulnerabilities in Windows SNMP services.

• os-windows