Differences between revisions 3 and 20 (spanning 17 versions)

SNMP Simple Network Mangement

Snmp harvesting
Links pySnmp
- http://www.oid-info.com/
Wireless devices
Cisco
- Find snmp if index
  - # show snmp mib ifmib ifindex
- OSPF
  - $ snmpwalk -v2c -m all -c public 10.0.0.1 ospf | less
    - OSPF-MIB::ospfNbrIpAddr.xxxx
    - OSPF-MIB::ospfNbrRtrId.10.19.13.249.0
    - OSPF-MIB::ospfNbrState.10.19.13.249.0
    - OSPF-MIB::ospfNbmaNbrStatus.10.19.13.249.0
  - Check if neighbour ospf is up
    - OSPF-MIB::ospfNbrState.10.10.1.10.0 = INTEGER: full(8)

Linux - snmpwalk examples

201408 On Ubuntu, i had to uncomment line in /etc/snmp/snmp.conf and install snmp-mibs-downloader to get mibs loaded.

      export ip=10.x.y.z
      export MIBS=ALL
      snmpwalk -v2c -c public  $ip system
      or (load mib table)
      snmpwalk -v 2c -c public -m RFC1213-MIB $ip system

Linux Notes 201307
- ```
          sudo apt-get install snmp-mibs-downloader
          sudo download-mibs
```
- Mibs loaded from "$HOME/.snmp/mibs" and "/usr/local/share/snmp/mibs"
  - check with $ net-snmp-config --default-mibdirs

MIB links

IBM XIV MIB : http://www-01.ibm.com/support/docview.wss?uid=ssg1S4000913

         #From: http://aussiestorageblog.wordpress.com/2011/03/17/xiv-and-snmp-lets-walk-the-walk/
         export ip=10.x.y.z 
         snmpwalk -v 2c -c XIV -m XIV-MIB $ip xiv
         snmpwalk -v 2c -c XIV -m XIV-MIB $ip xivFailedDisks
         snmpwalk -v 2c -c XIV -m XIV-MIB $ip xivFreeSpaceSoft

Cisco secure snmp
1. Use a acl to limit access
2. Use new control-plane security to limit admin access to a specific interface
  - ```
  !
  control-plane host
   management-interface GigabitEthernet0/2 allow http ssh tftp snmp 
  !
```

...

CategoryCisco CategoryNetworkManagement CategorySecurity

-  ⇤ ← Revision 3 as of 2010-02-07 07:34:30 → 
  Size: 235
  Editor: PieterSmit
  Comment:
+   ← Revision 20 as of 2017-11-10 22:46:44 → ⇥
  Size: 2388
  Editor: PieterSmit
  Comment:
-Deletions are marked like this.
+Additions are marked like this.
 Line 6:
+ * [[https://community.rapid7.com/community/services/blog/2016/05/05/snmp-data-harvesting-during-penetration-testing|Snmp]] harvesting 
 * Links [[pySnmp]]
   * http://www.oid-info.com/
-Line 8:
+Line 11:
+   * ftp://ftp.cisco.com/pub/mibs/v2/CISCO-DOT11-ASSOCIATION-MIB.my
   * ftp://ftp.cisco.com/pub/mibs/v2/IEEE802dot11-MIB.my
   * ftp://ftp.cisco.com/pub/mibs/v2/CISCO-DOT11-IF-MIB.my

 * Cisco
   * Find snmp if index
     # show snmp mib ifmib ifindex 
   * OSPF
     * $ snmpwalk -v2c -m all -c public 10.0.0.1 ospf | less 
       * OSPF-MIB::ospfNbrIpAddr.xxxx 
       * OSPF-MIB::ospfNbrRtrId.10.19.13.249.0 
       * OSPF-MIB::ospfNbrState.10.19.13.249.0 
       * OSPF-MIB::ospfNbmaNbrStatus.10.19.13.249.0 
     * Check if neighbour ospf is up 
       * OSPF-MIB::ospfNbrState.10.10.1.10.0 = INTEGER: full(8)
 
 * Linux - snmpwalk examples
   * 201408 On Ubuntu, i had to uncomment line in /etc/snmp/snmp.conf and install '''snmp-mibs-downloader''' to get mibs loaded.
      {{{
      export ip=10.x.y.z
      export MIBS=ALL
      snmpwalk -v2c -c public  $ip system
      or (load mib table)
      snmpwalk -v 2c -c public -m RFC1213-MIB $ip system
      }}}
     * Linux Notes 201307
          {{{
          sudo apt-get install snmp-mibs-downloader
          sudo download-mibs
          }}}
       * Mibs loaded from "$HOME/.snmp/mibs" and "/usr/local/share/snmp/mibs"
         * check with $ net-snmp-config --default-mibdirs

 * MIB links
   * IBM XIV MIB : http://www-01.ibm.com/support/docview.wss?uid=ssg1S4000913
     {{{
         #From: http://aussiestorageblog.wordpress.com/2011/03/17/xiv-and-snmp-lets-walk-the-walk/
         export ip=10.x.y.z 
         snmpwalk -v 2c -c XIV -m XIV-MIB $ip xiv
         snmpwalk -v 2c -c XIV -m XIV-MIB $ip xivFailedDisks
         snmpwalk -v 2c -c XIV -m XIV-MIB $ip xivFreeSpaceSoft
     }}}

 * Cisco secure snmp
   1. Use a acl to limit access 
   2. Use new control-plane security to limit admin access to a specific interface
      {{{
!
control-plane host
 management-interface GigabitEthernet0/2 allow http ssh tftp snmp 
!

}}}
-Line 11:
+Line 67:
-CategoryCisco CategoryNetworkManagement
+CategoryCisco CategoryNetworkManagement CategorySecurity