book

Essential SNMP, 2nd Edition

by Douglas Mauro, Kevin Schmidt

September 2005

Beginner

462 pages

12h 56m

English

O'Reilly Media, Inc.

Read now

Unlock full access

Essential SNMP, 2nd Edition
SPECIAL OFFER: Upgrade this ebook with O’Reilly
A Note Regarding Supplemental Files
Preface
Audience for This Book
Organization
What's New in This Edition
Example Programs
Using Code Examples
Conventions Used in This Book
Comments and Questions

Safari® Enabled
Acknowledgments for the Second Edition
DouglasKevin
Acknowledgments for the First Edition
1. Introduction to SNMP and Network Management
1.1. What Is SNMP?1.1.1. RFCs and SNMP Versions1.1.2. Managers and Agents1.1.3. The Structure of Management Information and MIBs1.1.4. Host Management1.1.5. A Brief Introduction to Remote Monitoring (RMON)
1.2. The Concept of Network Management
1.2.1. Fault Management1.2.2. Configuration Management1.2.3. Accounting Management1.2.4. Performance Management1.2.5. Security Management
1.3. Applying the Concepts of Network Management
1.3.1. Business Case Requirements1.3.2. Levels of Activity1.3.3. Reporting of Trend Analysis1.3.4. Response Time Reporting1.3.5. Alarm Correlation1.3.6. Trouble Resolution
1.4. Change Management
1.4.1. Planning for Change1.4.2. Managing Change1.4.3. High-Level Process Flow for Planned Change Management1.4.3.1. Scope1.4.3.2. Risk assessment1.4.3.3. Test and validation1.4.3.4. Change planning1.4.3.5. Change controller1.4.3.6. Change management team1.4.3.7. Communication1.4.3.8. Implementation team1.4.3.9. Test evaluation of change1.4.3.10. Network management update1.4.3.11. Documentation1.4.4. High-Level Process Flow for Emergency Change Management1.4.4.1. Issue determination1.4.4.2. Limited risk assessment1.4.4.3. Communication and documentation1.4.4.4. Implementation1.4.4.5. Test and evaluation1.4.5. Before and After SNMP1.4.6. Staffing Considerations
1.5. Getting More Information
2. SNMPv1 and SNMPv2
2.1. SNMP and UDP
2.2. SNMP Communities
2.3. The Structure of Management Information
2.3.1. Naming OIDs2.3.2. Defining OIDs
2.4. Extensions to the SMI in Version 2
2.5. A Closer Look at MIB-II
2.6. SNMP Operations
2.6.1. The get Operation2.6.2. The getnext Operation2.6.3. The getbulk Operation2.6.4. The set Operation2.6.5. get, getnext, getbulk, and set Error Responses2.6.6. SNMP Traps2.6.7. SNMP Notification2.6.8. SNMP inform2.6.9. SNMP report
2.7. Host Management Revisited
2.8. Remote Monitoring Revisited
2.9. Reverse Engineering SNMP
3. SNMPv3
3.1. Changes in SNMPv33.1.1. The SNMPv3 Engine3.1.2. SNMPv3 Applications3.1.3. What Does an Entity Look Like?3.1.4. SNMPv3 Textual Conventions
3.2. USM
3.2.1. The Basics3.2.2. Discovery3.2.3. USM Timeliness3.2.4. Authentication3.2.5. Privacy3.2.6. USM User Table3.2.7. Localized Keys and Changing Keys
3.3. VACM
3.3.1. The Basics3.3.2. Context Table3.3.3. Security to Group Table3.3.4. Access Table3.3.5. View Tree Family Table
3.4. SNMPv3 in the Real World
4. NMS Architectures
4.1. Hardware Considerations
4.2. NMS Architectures
4.3. A Look Ahead
5. Configuring Your NMS
5.1. HP's OpenView Network Node Manager5.1.1. Running NNM5.1.2. The netmon Process5.1.3. Configuring Polling Intervals5.1.4. A Few Words About NNM Map Colors5.1.5. Using OpenView Filters5.1.5.1. Sets5.1.5.2. Filters5.1.5.3. FilterExpressions5.1.6. Loading MIBs into OpenView
5.2. Castle Rock's SNMPc Enterprise Edition
5.2.1. SNMPc's Map5.2.2. Discovery and Filters5.2.3. Discovery Run-Through5.2.4. Configuring SNMPv35.2.5. Loading MIBs into SNMPc
6. Configuring SNMP Agents
6.1. Parameter Settings
6.2. Security Concerns
6.3. Agent Configuration Walkthroughs
6.3.1. Windows Agents (Net-SNMP)6.3.2. HP OpenView Agent for HP-UX and Solaris6.3.2.1. Simple configuration6.3.2.2. Advanced configuration6.3.3. Net-SNMP for Unix6.3.3.1. Running the configuration script6.3.3.2. Creating a configuration by hand6.3.3.3. Using snmpusm to manage users6.3.4. Concord SystemEDGE Agent for Unix and Windows6.3.4.1. Simple configuration6.3.4.2. Advanced configuration6.3.5. Cisco Devices6.3.5.1. Simple configuration6.3.5.2. Advanced configuration6.3.5.3. Configuring SNMPv36.3.6. APC Symetra
7. Polling and Setting
7.1. Retrieving a Single MIB Value7.1.1. Using HP OpenView to Retrieve Values7.1.2. Using Net-SNMP
7.2. Retrieving Multiple MIB Values
7.2.1. Walking the MIB Tree with OpenView7.2.2. Walking the Tree with Net-SNMP
7.3. Setting a MIB Value
7.4. Error Responses
8. Polling and Thresholds
8.1. Internal Polling8.1.1. Remote Monitoring (RMON)8.1.1.1. RMON configuration
8.2. External Polling
8.2.1. Collecting and Displaying Data with OpenView8.2.2. OpenView Graphing8.2.3. OpenView Data Collection and Thresholds8.2.3.1. Designing collections8.2.3.2. Creating a threshold8.2.4. Castle Rock's SNMPc8.2.5. Open Source Tools for Data Collection and Graphing
9. Traps
9.1. Understanding Traps9.1.1. SNMPv2 Traps
9.2. Receiving Traps
9.2.1. HP OpenView9.2.2. Using NNM's Event Configurations9.2.2.1. Selecting event sources9.2.2.2. Setting event categories9.2.2.3. Forwarding events and event severities9.2.2.4. Log messages, notifications, and automatic actions9.2.3. Custom Event Categories9.2.4. The Event Categories Display9.2.5. The Alarms Browser9.2.6. Creating Events Within OpenView9.2.7. Monitoring Traps with Perl9.2.8. Using the Network Computing Technologies Trap Receiver9.2.9. Receiving Traps Using Net-SNMP
9.3. Sending Traps
9.3.1. Sending Traps with OpenView9.3.2. Sending Traps with Perl9.3.3. Sending Traps with Network Computing Technologies' Trap Generator9.3.4. Sending Traps with Net-SNMP9.3.5. Forcing Your Hardware to Generate Traps9.3.6. Receiving Traps with SNMPc9.3.6.1. Custom trap actions9.3.7. Using Hooks with Your Programs
10. Extensible SNMP Agents
10.1. Net-SNMP
10.2. SystemEDGE
10.2.1. Extensibility for Unix and Windows10.2.2. Added Extensibility for Windows
10.3. OpenView's Extensible Agent
10.3.1. Tables
11. Adapting SNMP to Fit Your Environment
11.1. General Trap-Generation Program
11.2. Who's Logging into My Machine? (I-Am-In)
11.3. Throw Core
11.4. Veritas Disk Check
11.5. Disk-Space Checker
11.6. Port Monitor
11.7. Service Monitoring
11.7.1. Web Content11.7.2. SMTP and POP311.7.3. DNS11.7.4. More Monitoring Suggestions
11.8. Pinging with Cisco
11.9. Simple SNMP Agent
11.10. Switch Port Control
11.11. Wireless Networking
11.12. SNMP: The Object-Oriented Way
11.12.1. Extending SNMP::Info
11.13. Final Words
12. MRTG
12.1. Using MRTG
12.2. Viewing Graphs
12.3. Graphing Other Objects
12.4. Other Data-Gathering Applications
12.5. Pitfalls
12.6. Getting Help
13. RRDtool and Cricket
13.1. RRDtool13.1.1. Installing RRDtool
13.2. Cricket
13.2.1. Cricket's History13.2.2. Cricket's Config Tree13.2.3. Installing Cricket13.2.4. Configuring and Using Cricket13.2.5. Gathering Router Data13.2.6. Command-Line Data Sources13.2.7. Parallelizing Cricket13.2.8. Help with Cricket
14. Java and SNMP
14.1. SNMP4J
14.2. SNMP getnext
14.3. SNMP set
14.4. Sending Traps and Informs
14.5. Receiving Traps and Informs
14.6. Resources
A. Using Input and Output Octets
B. More on OpenView's NNM
B.1. Using External Data
B.2. Adding a Menu to NNM
B.3. Profiles for Different Users
B.4. Using NNM for Communications
C. Net-SNMP Tools
C.1. Net-SNMP and MIB Files
C.2. Common Command-Line Arguments
C.3. Net-SNMP Command-Line Tools
C.3.1. snmpwalkC.3.2. snmpgetC.3.3. snmpbulkgetC.3.4. snmpbulkwalkC.3.5. snmpsetC.3.6. snmptrapC.3.7. snmpdeltaC.3.8. snmpdfC.3.9. snmpgetnextC.3.10. snmpstatusC.3.11. snmptableC.3.12. snmpusmC.3.13. snmpconfC.3.14. snmpinformC.3.15. snmptranslate
D. SNMP RFCs
D.1. SMIv1 Data Definition Language
D.2. SMIv2 Data Definition Language
D.3. SNMPv3 Protocol
D.4. SNMP Agent Extensibility
D.5. SMIv1 MIB Modules
D.6. SMIv2 MIB Modules
D.7. IANA-Maintained MIB Modules
D.8. Related Documents
E. SNMP Support for Perl
E.1. SNMP_UtilE.1.1. MIB Management RoutinesE.1.1.1. snmpmapOID()E.1.1.2. snmpMIB_to_OID()E.1.1.3. snmpLoad_OID_Cache()E.1.1.4. snmpQueue_MIB_File()E.1.2. SNMP OperationsE.1.2.1. snmpget()E.1.2.2. snmpgetnext()E.1.2.3. snmpwalk()E.1.2.4. snmpset()E.1.2.5. snmptrap()
E.2. Net-SNMP
E.2.1. MIB Management RoutinesE.2.1.1. &SNMP::loadModules(<mod>,...)E.2.1.2. &SNMP::addMibDirs(<dir>,...)E.2.2. SNMP OperationsE.2.2.1. snmpwalkE.2.2.2. snmpgetE.2.2.3. snmpset
F. Network Management Software
F.1. SNMP Agents
F.2. NMS Suites
F.3. Element Managers (Vendor-Specific Management)
F.4. Trend Analysis
F.5. Supporting Software
G. Open Source Monitoring Software
G-1. Big Brother
G-2. Nagios
G-3. JFFNMS
G-4. OpenNMS
G-5. NINO
H. Network Troubleshooting Primer
H-1. ping
H-2. ipconfig and ifconfig
H-3. arp
H-4. netstat
H-5. traceroute and tracert
H-6. nslookup and dig
H-7. whois
H-8. Ethereal
15. About the Authors
About the Authors
Colophon
SPECIAL OFFER: Upgrade this ebook with O’Reilly

Content preview from Essential SNMP, 2nd Edition

Security Concerns

Chapter 2 discussed the security issues with SNMPv1 and SNMPv2. The biggest problem, of course, is that the read-only and read-write community strings are sent as clear-text strings; the agent or the NMS performs no encryption. Therefore, the community strings are available to anyone with access to a packet sniffer. That certainly means almost anyone on your network with a PC and the ability to download widely available software. Does that make you uncomfortable? It should.

Obviously, you need to take the same precautions with the community strings that you would with your superuser or administrator passwords. Choose community strings that are hard to guess. Mixed-case alphanumeric strings are good choices for community strings; don't use dictionary words. Although someone with the read-only community string can't do as much damage as someone with the read-write string, you might as well take the same precautions for both. Don't forget to change your community strings—most devices ship with preconfigured community strings that are extremely easy to guess.

That doesn't solve the problems with packet sniffers . When you're configuring an agent, it's a good idea to limit the devices that can make SNMP requests (assuming that your agent allows you to make this restriction). That way, even if someone gets the community strings, he'll have to spoof the IP address of one of your management stations to do any damage.

Of course, many people know how to spoof IP addresses ...

Become an O’Reilly member and get unlimited access to this title plus top books and audiobooks from O’Reilly and nearly 200 top publishers, thousands of courses curated by job role, 150+ live events each month,
and much more.

Read now

Unlock full access

More than 5,000 organizations count on O’Reilly

O’Reilly covers everything we've got, with content to help us build a world-class technology community, upgrade the capabilities and competencies of our teams, and improve overall team performance as well as their engagement.

Julian F.

Head of Cybersecurity

I wanted to learn C and C++, but it didn't click for me until I picked up an O'Reilly book. When I went on the O’Reilly platform, I was astonished to find all the books there, plus live events and sandboxes so you could play around with the technology.

Addison B.

Field Engineer

I’ve been on the O’Reilly platform for more than eight years. I use a couple of learning platforms, but I'm on O'Reilly more than anybody else. When you're there, you start learning. I'm never disappointed.

Amir M.

Data Platform Tech Lead

I'm always learning. So when I got on to O'Reilly, I was like a kid in a candy store. There are playlists. There are answers. There's on-demand training. It's worth its weight in gold, in terms of what it allows me to do.

Mark W.

Embedded Software Engineer

Mastering Linux Security and Hardening - Second Edition

Publisher Resources

ISBN: 0596008406Errata Page

Cloud Computing

Data Engineering

Data Science

AI & ML

Programming Languages

Software Architecture

IT/Ops

Security

Design

Business

Soft Skills

Essential SNMP, 2nd Edition

by Douglas Mauro, Kevin Schmidt

Security Concerns

Become an O’Reilly member and get unlimited access to this title plus top books and audiobooks from O’Reilly and nearly 200 top publishers, thousands of courses curated by job role, 150+ live events each month,
and much more.