768
Comment:
|
← Revision 20 as of 2017-11-10 22:46:44 ⇥
2388
|
Deletions are marked like this. | Additions are marked like this. |
Line 6: | Line 6: |
* [[https://community.rapid7.com/community/services/blog/2016/05/05/snmp-data-harvesting-during-penetration-testing|Snmp]] harvesting * Links [[pySnmp]] * http://www.oid-info.com/ |
|
Line 21: | Line 24: |
* Check if neighbour ospf is up * OSPF-MIB::ospfNbrState.10.10.1.10.0 = INTEGER: full(8) * Linux - snmpwalk examples * 201408 On Ubuntu, i had to uncomment line in /etc/snmp/snmp.conf and install '''snmp-mibs-downloader''' to get mibs loaded. {{{ export ip=10.x.y.z export MIBS=ALL snmpwalk -v2c -c public $ip system or (load mib table) snmpwalk -v 2c -c public -m RFC1213-MIB $ip system }}} * Linux Notes 201307 {{{ sudo apt-get install snmp-mibs-downloader sudo download-mibs }}} * Mibs loaded from "$HOME/.snmp/mibs" and "/usr/local/share/snmp/mibs" * check with $ net-snmp-config --default-mibdirs |
|
Line 22: | Line 44: |
* MIB links * IBM XIV MIB : http://www-01.ibm.com/support/docview.wss?uid=ssg1S4000913 {{{ #From: http://aussiestorageblog.wordpress.com/2011/03/17/xiv-and-snmp-lets-walk-the-walk/ export ip=10.x.y.z snmpwalk -v 2c -c XIV -m XIV-MIB $ip xiv snmpwalk -v 2c -c XIV -m XIV-MIB $ip xivFailedDisks snmpwalk -v 2c -c XIV -m XIV-MIB $ip xivFreeSpaceSoft }}} |
|
Line 23: | Line 54: |
* Cisco secure snmp 1. Use a acl to limit access 2. Use new control-plane security to limit admin access to a specific interface {{{ ! control-plane host management-interface GigabitEthernet0/2 allow http ssh tftp snmp ! |
|
Line 24: | Line 63: |
}}} | |
Line 27: | Line 67: |
CategoryCisco CategoryNetworkManagement | CategoryCisco CategoryNetworkManagement CategorySecurity |
SNMP Simple Network Mangement
Snmp harvesting
Links pySnmp
- Wireless devices
- Cisco
- Find snmp if index
- # show snmp mib ifmib ifindex
- OSPF
- $ snmpwalk -v2c -m all -c public 10.0.0.1 ospf | less
- OSPF-MIB::ospfNbrIpAddr.xxxx
- OSPF-MIB::ospfNbrRtrId.10.19.13.249.0
- OSPF-MIB::ospfNbrState.10.19.13.249.0
- OSPF-MIB::ospfNbmaNbrStatus.10.19.13.249.0
- Check if neighbour ospf is up
- OSPF-MIB::ospfNbrState.10.10.1.10.0 = INTEGER: full(8)
- $ snmpwalk -v2c -m all -c public 10.0.0.1 ospf | less
- Find snmp if index
- Linux - snmpwalk examples
201408 On Ubuntu, i had to uncomment line in /etc/snmp/snmp.conf and install snmp-mibs-downloader to get mibs loaded.
export ip=10.x.y.z export MIBS=ALL snmpwalk -v2c -c public $ip system or (load mib table) snmpwalk -v 2c -c public -m RFC1213-MIB $ip system
- Linux Notes 201307
sudo apt-get install snmp-mibs-downloader sudo download-mibs
- Mibs loaded from "$HOME/.snmp/mibs" and "/usr/local/share/snmp/mibs"
- check with $ net-snmp-config --default-mibdirs
- MIB links
IBM XIV MIB : http://www-01.ibm.com/support/docview.wss?uid=ssg1S4000913
#From: http://aussiestorageblog.wordpress.com/2011/03/17/xiv-and-snmp-lets-walk-the-walk/ export ip=10.x.y.z snmpwalk -v 2c -c XIV -m XIV-MIB $ip xiv snmpwalk -v 2c -c XIV -m XIV-MIB $ip xivFailedDisks snmpwalk -v 2c -c XIV -m XIV-MIB $ip xivFreeSpaceSoft
- Cisco secure snmp
- Use a acl to limit access
- Use new control-plane security to limit admin access to a specific interface
! control-plane host management-interface GigabitEthernet0/2 allow http ssh tftp snmp !
...