Tags: centos-7, snmp, snmpd

Strange snmpd traffic


My SNMP server is using 3% of CPU and about 600 kbit/s of bandwidth.

Using "iftop", I can see my server is sending data to an unknown IP on the HTTP port, but the destination IP does not respond to ping and has no HTTP port open.

myhostname.com.br:snmp                          => 144.168.68.43:http                                   520Kb   487Kb   487Kb
                                                <=                                                     40.2Kb  37.6Kb  37.6Kb

All defaults (snmpd.conf); I just use it for local MRTG.

It's CentOS 7 under OpenVZ. Any ideas?


Solution

Are these notifications/traps, or responses to Get requests?


Responses

Someone is polling your SNMP service, it's as simple as that.

If you don't want them to do that, firewall them (or it) off.

It's common for public services to be polled by random strangers, sometimes as a result of an automated probe but sometimes for explicitly malicious purposes. That's why we have firewalls.

Neither ICMP ping nor HTTP has anything to do with it; SNMP responses go to the same address (IP & port) that the requests came from — the choice of port is effectively arbitrary, but it would seem that the originator has specifically decided to use port 80 because this is commonly an open port, and does not draw much attention. This in itself is frankly suspicious because, unless there are strange technical constraints, an authentic and authorised SNMP manager would be using a port more conventionally allocated to SNMP traffic (like UDP 162).


Traps (notifications)

If there is no evidence of incoming requests triggering this traffic, then your SNMP Agent is doing this on its own. Did you configure it to do so? If not, you may have been hacked and somebody else has configured it this way instead.

You can still firewall it off (the firewall goes both ways!) though you really should be checking into what happened.


Otherwise

If there are no requests incoming, and your SNMP manager is not configured to send notifications to 144.168.68.43, then do you have another SNMP manager you're not aware of? Some piece of software you installed that has SNMP support? Otherwise you're really in trouble.
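The answer hinges on one check: are the outgoing datagrams GetResponses to a remote poller, or traps the agent emits on its own? The script below, an added example that is not part of the question or the answer, makes that check mechanical. It reads the BER PDU type tag of each SNMPv1/v2c datagram and tallies, per remote peer, incoming requests, outgoing responses and outgoing notifications. The packets, the local address 10.0.0.5 and the second peer 203.0.113.9 are constructed for the example; 144.168.68.43 is the address from the question. On a real host the (src, dst, payload) tuples would come from a capture of UDP port 161 traffic.

```python
"""Tell apart the two cases the answer distinguishes: is snmpd sending
GetResponses to a remote poller, or is it emitting traps on its own?
The classifier reads the BER PDU type tag of each SNMPv1/v2c datagram
and tallies directions per remote peer. Added example, not code from
the original question or answer; all packets below are constructed."""
from collections import Counter, defaultdict

# Context-specific PDU tags from RFC 1157 (SNMPv1) and RFC 3416 (SNMPv2c)
PDU_TYPES = {
    0xA0: "GetRequest",
    0xA1: "GetNextRequest",
    0xA2: "GetResponse",
    0xA3: "SetRequest",
    0xA4: "Trap",            # SNMPv1 trap
    0xA5: "GetBulkRequest",
    0xA6: "InformRequest",
    0xA7: "SNMPv2-Trap",
    0xA8: "Report",
}
REQUESTS = {"GetRequest", "GetNextRequest", "SetRequest", "GetBulkRequest"}
NOTIFICATIONS = {"Trap", "SNMPv2-Trap", "InformRequest"}


def _read_tlv(buf, pos):
    """Return (tag, value_start, value_end) of the BER TLV at buf[pos]."""
    tag = buf[pos]
    length = buf[pos + 1]
    pos += 2
    if length & 0x80:                 # long form: next n bytes hold the length
        n = length & 0x7F
        length = int.from_bytes(buf[pos:pos + n], "big")
        pos += n
    return tag, pos, pos + length


def snmp_pdu_type(datagram):
    """Name of the PDU type in an SNMPv1/v2c message, or None if the bytes
    are not such a message (SNMPv3 has a different header and is skipped)."""
    try:
        tag, pos, _ = _read_tlv(datagram, 0)            # outer SEQUENCE
        if tag != 0x30:
            return None
        tag, _, pos = _read_tlv(datagram, pos)          # INTEGER version
        if tag != 0x02:
            return None
        tag, _, pos = _read_tlv(datagram, pos)          # OCTET STRING community
        if tag != 0x04:
            return None
        return PDU_TYPES.get(datagram[pos])             # context tag of the PDU
    except IndexError:                                  # truncated datagram
        return None


def _tlv(tag, body):
    """Short-form BER TLV; enough for the small constructed packets below."""
    return bytes([tag, len(body)]) + body


def build_snmp(pdu_tag, community=b"public", version=1):
    """Constructed minimal SNMPv2c message (version 1 on the wire means v2c)
    with request-id 1, error-status 0, error-index 0 and no varbinds."""
    pdu_body = (_tlv(0x02, b"\x01") + _tlv(0x02, b"\x00")
                + _tlv(0x02, b"\x00") + _tlv(0x30, b""))
    return _tlv(0x30, _tlv(0x02, bytes([version])) + _tlv(0x04, community)
                + _tlv(pdu_tag, pdu_body))


def classify_flows(packets, local_ip):
    """packets: iterable of (src_ip, dst_ip, udp_payload). Returns, per remote
    peer, the counts that decide which branch of the answer applies."""
    tally = defaultdict(Counter)
    for src, dst, payload in packets:
        kind = snmp_pdu_type(payload)
        if kind is None:
            continue                                    # not SNMPv1/v2c, ignore
        outbound = src == local_ip
        peer = dst if outbound else src
        if not outbound and kind in REQUESTS:
            tally[peer]["in_requests"] += 1
        elif outbound and kind == "GetResponse":
            tally[peer]["out_responses"] += 1
        elif outbound and kind in NOTIFICATIONS:
            tally[peer]["out_notifications"] += 1
    report = {}
    for peer, c in tally.items():
        if c["in_requests"] and c["out_responses"]:
            verdict = "polled"            # someone polls you: firewall them off if unwanted
        elif c["out_notifications"] and not c["in_requests"]:
            verdict = "agent-originated"  # traps nobody asked for: check the agent's config
        else:
            verdict = "unexplained"
        report[peer] = {"verdict": verdict,
                        "in_requests": c["in_requests"],
                        "out_responses": c["out_responses"],
                        "out_notifications": c["out_notifications"]}
    return report


# Constructed sample: the unknown IP from the question polls us and we answer;
# a second, made-up host (TEST-NET-3 address) only receives traps from us.
LOCAL_IP = "10.0.0.5"
SAMPLE_PACKETS = [
    ("144.168.68.43", LOCAL_IP, build_snmp(0xA0)),
    (LOCAL_IP, "144.168.68.43", build_snmp(0xA2)),
    ("144.168.68.43", LOCAL_IP, build_snmp(0xA5)),
    (LOCAL_IP, "144.168.68.43", build_snmp(0xA2)),
    (LOCAL_IP, "203.0.113.9", build_snmp(0xA7)),
    (LOCAL_IP, "203.0.113.9", b"\x00\x01not-snmp"),
]

if __name__ == "__main__":
    for peer, info in classify_flows(SAMPLE_PACKETS, LOCAL_IP).items():
        print(peer, info)
```

A "polled" verdict is the first branch of the answer (responses to a stranger's Get requests); "agent-originated" is the traps branch, where the thing to inspect is the agent's own notification configuration. Since the question's MRTG runs on the same host, limiting the listener to loopback with net-snmp's `agentaddress udp:127.0.0.1:161` directive in snmpd.conf is, in my view, a natural complement to the firewall rule the answer recommends.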