set up SNMP - UNIX for Advanced & Expert Users

flekzout · #1 09-25-2008

hi all

does anyone ever set up an SNMP?? security team asked me to configure or set up my SNMP since it was set by default or no one configure it. but I do not know how to do it, I try to search using google but its hardly to find the tutorial on how to setup this snmp

I read this information below about this snmp

Code:

 http://www.sans.org/resources/idfaq/snmp.php

the question is
1. how to check the snmp community string value (whether is there any configuration setting in this snmp)?
2.how to set up SNMP so it will be secure for my servers here.

I have read about how this snmp can effect my servers, I do some studying before I ask here, so please help me on this.

GBU
Thank You.

ynilesh · #2 09-25-2008

Setting up snmp in not a big task, but what is your exact requirement ?
How you want to use snmp ?

There are 3 versions available in snmp which varies according to security.
There are currently three versions of SNMP.

1. SNMP Version 1: this version was designed to be a protocol to provide device statistics and error reporting without consuming a lot of system resources. It has limited security.

2. SNMP Version 2: The second version often referred to as v2c, expanded the number of supported error codes, increased the size of counters used to track data, and had the ability to do bulk queries that more efficiently loaded response packets with data.

3. SNMP Version 3: This version provides greater security and remote configuration capabilities than its predecessors. Access isn't limited to a single community string for read-only and read/write access, as usernames and passwords have been introduced.

Let me know what exactly your requirement is we can accordingly work on it.

Feel free to ping me on,
yahoo id - nilesh_patil82@yahoo.com
gmail id - nils.pat@gmail.com

- nilesh

flekzout · #3 09-25-2008

Hi,

You are really awesome, thanks for your explanation.

I check my snmpd.conf from /etc/snmp/snmpd.conf in one of my RHEL, I saw that my community string is set to 'rstuvw' I dont know who set it or do this previously.

Quote:

###com2sec notConfigUser default public
com2sec notConfigUser default rstuvw

currently I use RHEL and solaris 10.

I don't know which version that I'm using, maybe v2c.

the requirement? I do not know about requirement, but security team asked me not to use default string, but I guess I'm not using default string since is set to 'rstuvw'.. I guess SNMP v3 is better than the previous 2 versions right? do you have any guidance about how to install this snmp and maybe to check all the informations in the server related to this snmp?

hey thanks again for your reply, I mean it. thanks. GBU.

ynilesh · #4 09-25-2008

On rhel system u need to have following snmp packages,

Quote:

- net-snmp,
- net-snmp-libs
- and net-snmp-utils

Original snmpd.conf is very complicated, so for testing you can keep minimum configuration in /etc/snmpd.conf file like,

Code:

rocommunity  rstuvw

Try this command after installation,

Code:

snmpwalk -v1 -c rstuvw localhost

It should show something like this......

Quote:

SNMPv2-MIB::sysDescr.0 = STRING: Linux Redhat 2.6.24-19-generic #1 SMP Wed Aug 20 17:53:40 UTC 2008
SNMPv2-MIB::sysObjectID.0 = OID: NET-SNMP-MIB::netSnmpAgentOIDs.10
DISMAN-EVENT-MIB::sysUpTimeInstance = Timeticks: (736024) 2:02:40.24
SNMPv2-MIB::sysContact.0 = STRING: root
SNMPv2-MIB::sysName.0 = STRING: ubuntu
SNMPv2-MIB::sysLocation.0 = STRING: Unknown
SNMPv2-MIB::sysORLastChange.0 = Timeticks: (0) 0:00:00.00
.
.
.

And yes Version 3 is better than previous 2 versions. Which provide you username/password feature.

Refer snmpd.conf file more details.

- nilesh

flekzout · #5 09-25-2008

Hi,

Thanks for your patient for teaching me man, appreciate it.

I got the output, I use the v2 as well, but the thing is that output is look like snmptrap, my boss told me that is not the one he is looking for. =(

I guess maybe he wants to see the configuration that see something like this?

Code:

 http://www.juniper.net/techpubs/software/junos/junos71/swconfig71-net-mgmt/html/snmp-config9.html

do you know how to see that configuration? and which directory has those configuration of this snmp? I only know the /etc/snmp/snmpd.conf

any command to determine everything that related to snmp?

Thanks for your help, I guess your answer will help lots of people when they looking after this snmp things in google search. GBU.

ynilesh · #6 09-26-2008

You will find all snmp commands starting with snmp*
You can also list of commands by listing rpm package contents.

Code:

rpm -ql {package name}

- nilesh

flekzout · #7 09-26-2008

hi Nilesh,

Thanks, I already search it while waiting for your answer hehe and I noticed that Solaris and RHEL directory for this snmp having lots of differences. But, I get all those ideas now. btw, how to install the V3 of this snmp? any idea?

I checked this server has been setup before, it using different value which is 'rstuvw' instead of 'public' or 'private' which it supposed to be ok right? I mean at least it should protect from the outsiders to read on my snmp settings right?

Thanks nilesh. hehe

More UNIX and Linux Forum Topics You Might Find Helpful
Thread	Thread Starter	Forum	Replies	Last Post
Net-SNMP 5.4.2 (net-snmp branch)	iBot	Software Releases - RSS News	0	09-19-2008 08:00 PM
Net-SNMP 5.4.1.1 (net-snmp branch)	iBot	Software Releases - RSS News	0	06-09-2008 08:40 PM
Snmp	manoj.solaris	AIX	1	08-14-2007 01:01 PM
Want to set up SNMP with MIB on SCO OS5	herd5cusa	SCO	0	05-19-2006 02:01 PM
net-snmp	jalburger	UNIX for Dummies Questions & Answers	2	03-26-2003 01:56 PM

Thread Tools	Search this Thread
Show Printable Version Email this Page	Search this Thread: Advanced Search
Display Modes
Linear Mode Switch to Hybrid Mode Switch to Threaded Mode