set up SNMP

flekzout · September 25, 2008, 4:35am

hi all

does anyone ever set up an SNMP?? security team asked me to configure or set up my SNMP since it was set by default or no one configure it. but I do not know how to do it, I try to search using google but its hardly to find the tutorial on how to setup this snmp

I read this information below about this snmp

 http://www.sans.org/resources/idfaq/snmp.php

the question is

how to check the snmp community string value (whether is there any configuration setting in this snmp)?
2.how to set up SNMP so it will be secure for my servers here.

I have read about how this snmp can effect my servers, I do some studying before I ask here, so please help me on this.

GBU
Thank You.

ynilesh · September 25, 2008, 5:45am

Setting up snmp in not a big task, but what is your exact requirement ?
How you want to use snmp ?

There are 3 versions available in snmp which varies according to security.
There are currently three versions of SNMP.

SNMP Version 1: this version was designed to be a protocol to provide device statistics and error reporting without consuming a lot of system resources. It has limited security.
SNMP Version 2: The second version often referred to as v2c, expanded the number of supported error codes, increased the size of counters used to track data, and had the ability to do bulk queries that more efficiently loaded response packets with data.
SNMP Version 3: This version provides greater security and remote configuration capabilities than its predecessors. Access isn't limited to a single community string for read-only and read/write access, as usernames and passwords have been introduced.

Let me know what exactly your requirement is we can accordingly work on it.

Feel free to ping me on,
yahoo id - nilesh_patil82@yahoo.com
gmail id - nils.pat@gmail.com

nilesh

flekzout · September 25, 2008, 9:18am

Hi,

You are really awesome, thanks for your explanation.

I check my snmpd.conf from /etc/snmp/snmpd.conf in one of my RHEL, I saw that my community string is set to 'rstuvw' I dont know who set it or do this previously.

currently I use RHEL and solaris 10.

I don't know which version that I'm using, maybe v2c.

the requirement? I do not know about requirement, but security team asked me not to use default string, but I guess I'm not using default string since is set to 'rstuvw'.. I guess SNMP v3 is better than the previous 2 versions right? do you have any guidance about how to install this snmp and maybe to check all the informations in the server related to this snmp?

hey thanks again for your reply, I mean it. thanks. GBU.

ynilesh · September 25, 2008, 10:57am

On rhel system u need to have following snmp packages,

Original snmpd.conf is very complicated, so for testing you can keep minimum configuration in /etc/snmpd.conf file like,

rocommunity  rstuvw

Try this command after installation,

snmpwalk -v1 -c rstuvw localhost

It should show something like this......

And yes Version 3 is better than previous 2 versions. Which provide you username/password feature.

Refer snmpd.conf file more details.

nilesh

flekzout · September 25, 2008, 10:37pm

Hi,

Thanks for your patient for teaching me man, appreciate it.

I got the output, I use the v2 as well, but the thing is that output is look like snmptrap, my boss told me that is not the one he is looking for. =(

I guess maybe he wants to see the configuration that see something like this?

 http://www.juniper.net/techpubs/software/junos/junos71/swconfig71-net-mgmt/html/snmp-config9.html

do you know how to see that configuration? and which directory has those configuration of this snmp? I only know the /etc/snmp/snmpd.conf

any command to determine everything that related to snmp?

Thanks for your help, I guess your answer will help lots of people when they looking after this snmp things in google search. GBU.

ynilesh · September 26, 2008, 3:23am

You will find all snmp commands starting with snmp*
You can also list of commands by listing rpm package contents.

rpm -ql {package name}

nilesh

flekzout · September 26, 2008, 5:02am

hi Nilesh,

Thanks, I already search it while waiting for your answer hehe and I noticed that Solaris and RHEL directory for this snmp having lots of differences. But, I get all those ideas now. btw, how to install the V3 of this snmp? any idea?

I checked this server has been setup before, it using different value which is 'rstuvw' instead of 'public' or 'private' which it supposed to be ok right? I mean at least it should protect from the outsiders to read on my snmp settings right?

Thanks nilesh. hehe

ynilesh · September 29, 2008, 6:29am

It must have installed already.

Correct.

Good going.... let me know if you want to know more about using it.

nilesh

flekzout · October 2, 2008, 5:39am

hehe thanks nilesh, thanks a lot.. with your guidance now I know more about this snmp, I done my study part as well, its really different the directory from rhel and solaris and I managed to find it. Thanks man. hope someday I can return back to you.

cheers.

btw "let me know if you want to know more about using it. "
of course I want to know more hehe, but I do not know what to ask hehe.. thanks nilesh.