chkconfig snmpd on
Firewall port 161
semanage port -l | grep snmp
sealert -a /var/log/audit/audit.log
/usr/share/snmp/mibs
yum install net-snmp*
snmptranslate -On -TB hrSystemUptime
.1.3.6.1.2.1.25.1.1
snmptranslate -TB '.*memory.*'
UCD-SNMP-MIB::memory
HOST-RESOURCES-TYPES::hrDeviceNonVolatileMemory
HOST-RESOURCES-TYPES::hrDeviceVolatileMemory
HOST-RESOURCES-MIB::hrMemorySize
HOST-RESOURCES-TYPES::hrStorageFlashMemory
HOST-RESOURCES-TYPES::hrStorageVirtualMemory
snmptranslate -On HOST-RESOURCES-MIB::hrMemorySize
.1.3.6.1.2.1.25.2.2
snmptranslate -Oq .1.3.6.1.2.1.25.2.2
HOST-RESOURCES-MIB::hrMemorySize
SNMPGET
When using Names always remember to use the index like this
[root@ex442-1 ~]# snmpget -v1 -c ex442 localhost ipForwarding.0
other wise
[root@ex442-1 ~]# snmpget -v1 -c ex442 localhost ipForwarding
Error in packet
Reason: (noSuchName) There is no such variable name in this MIB.
Failed object: IP-MIB::ipForwarding
SNMPD CONF
#ro_versus_rw
rocommunity lockeddown 192.168.48.0/24 .1
rocommunity NOTSECRET 192.168.48.0/255.255.255.0 .1
rwcommunity NOTGOOD
rocommunity all 0.0.0.0 .1.3.6.1.2.1.1
rwcommunity lockedDown 192.168.48.0/24
rwcommunity admin localhost
#Custom Views defined here
group demogroup usm demouser
view demoview included .1
SNMP CONF
Use ~/.snmp/snmp.conf for settings per user level
defVersion (1|2c|3)
defCommunity public
create snmp v3 users
service snmp stop
net-snmp-config --create-snmpv3-user -ro -a password -x sharedsecret -X DES -A MD5 username
vim snmpd.conf
rouser rhr
rouser rh
# groupName secMod secName
group gr_limited usm limited
group gr_unlimited usm unlimited
# name incl/excl subtree
view view_lm included .1.3.6.1.2.1.1
view view_ul included .1
# context secMod seclvl prefix read write notif
access gr_limited "" any auth exact view_lm none none
access gr_unlimited "" any auth exact view_ul none none
No comments:
Post a Comment