SNMP Comments

I've been reading the book pictured at left, which I hope to review within the next few days. In the text they show examples using Net-SNMP tools to read and change system attributes using SNMP.

One of the examples involves something like the following. They show modification of the sysLocation value.

orr:/home/richard$ snmpget -v 1 -c read 127.0.0.1 sysLocation.0
SNMPv2-MIB::sysLocation.0 = STRING: somewhere

Here I'm reading the system location. Where does "somewhere" come from? I look at /usr/ports/net-mgmt/net-snmp/Makefile and find this:

CONFIGURE_ARGS+=--enable-shared --enable-internal-md5 \
	--with-mib-modules="${_NET_SNMP_MIB_MODULES}" \
	--with-default-snmp-version="${DEFAULT_SNMP_VERSION}" \
	--with-sys-contact="${NET_SNMP_SYS_CONTACT}" \
	--with-sys-location="${NET_SNMP_SYS_LOCATION}" \
	--with-logfile="${NET_SNMP_LOGFILE}" \
	--with-persistent-directory="${NET_SNMP_PERSISTENTDIR}" \
	--with-gnu-ld --with-libwrap --with-libs="-lkvm -ldevstat"
...edited...
DEFAULT_SNMP_VERSION?= 3
NET_SNMP_SYS_CONTACT?= nobody@nowhere.invalid
NET_SNMP_SYS_LOCATION?= somewhere
NET_SNMP_LOGFILE?= /var/log/snmpd.log
NET_SNMP_PERSISTENTDIR?=/var/net-snmp
NET_SNMP_MIB_MODULES?= ${NET_SNMP_MIB_MODULE_LIST}

Since I installed the FreeBSD package, I'm using the default value.

System location is defined in /usr/local/share/snmp/mibs/SNMPv2-MIB.txt

sysLocation OBJECT-TYPE
    SYNTAX      DisplayString (SIZE (0..255))
    MAX-ACCESS  read-write
    STATUS      current
    DESCRIPTION
            "The physical location of this node (e.g., 'telephone
            closet, 3rd floor'). If the location is unknown, the
            value is the zero-length string."
    ::= { system 6 }

As you can see, this is read-write. I should be able to modify it using the example in the text.

orr:/home/richard$ snmpset -v 1 -c write 127.0.0.1 sysLocation.0 s Manassas
SNMPv2-MIB::sysLocation.0 = STRING: Manassas

I can also use SNMP v2c.

orr:/home/richard$ snmpset -v 2c -c write 127.0.0.1 sysLocation.0 s Manassas
SNMPv2-MIB::sysLocation.0 = STRING: Manassas

Here is my /usr/local/etc/snmp/snmpd.conf. Note that if I set syslocation and syscontact in this file, I would not be able to change these values using snmpset. The FAQ makes that point.

###########################################################################
#
# snmpd.conf
#
# - created by the snmpconf configuration program
#
###########################################################################
# SECTION: Access Control Setup
#
# This section defines who is allowed to talk to your running
# snmp agent.

# rocommunity: a SNMPv1/SNMPv2c read-only access community name
# arguments: community [default|hostname|network/bits] [oid]

rocommunity read

# rwcommunity: a SNMPv1/SNMPv2c read-write access community name
# arguments: community [default|hostname|network/bits] [oid]

rwcommunity write

As you can see, I have no access control and I do not set sysLocation here.
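A check for the two conditions just described (community directives with no source restriction, and syslocation/syscontact left unset and therefore writable) can be scripted. The following is an added example, not part of the original post or of Net-SNMP; the function names are hypothetical, the sample config is constructed from the directives shown above, and it assumes the agent reads only this one snmpd.conf.

```python
import ipaddress

# Constructed sample mirroring the directives in the snmpd.conf shown above.
SAMPLE_CONF = """\
# SECTION: Access Control Setup
rocommunity read
rwcommunity write
"""

COMMUNITY_DIRECTIVES = {"rocommunity", "rwcommunity"}
# Per the post, setting these in the file prevents changing them with snmpset.
LOCKING_DIRECTIVES = {"syslocation", "syscontact"}


def source_is_open(source):
    """True when the [default|hostname|network/bits] argument admits any host."""
    if source is None or source.lower() == "default":
        return True
    try:
        return ipaddress.ip_network(source, strict=False).prefixlen == 0
    except ValueError:
        return False  # a hostname: access is limited to that host


def audit_snmpd_conf(text):
    """Return (line_no, directive, community, issue) tuples for one config text."""
    findings, locked = [], set()
    for lineno, raw in enumerate(text.splitlines(), 1):
        fields = raw.split("#", 1)[0].split()
        if not fields:
            continue
        directive, args = fields[0].lower(), fields[1:]
        if directive in LOCKING_DIRECTIVES:
            locked.add(directive)
        if directive not in COMMUNITY_DIRECTIVES or not args:
            continue
        source = args[1] if len(args) > 1 else None
        if source_is_open(source):
            findings.append((lineno, directive, args[0], "no source restriction"))
        if directive == "rwcommunity" and len(args) < 3:
            findings.append((lineno, directive, args[0], "write access to entire OID tree"))
    for name in sorted(LOCKING_DIRECTIVES - locked):
        findings.append((0, name, "", "not set in file, writable via a read-write community"))
    return findings


if __name__ == "__main__":
    for finding in audit_snmpd_conf(SAMPLE_CONF):
        print(finding)
```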

I can alter other values, too. For example:

orr:/home/richard$ snmpget -v 2c -c read 127.0.0.1 1.3.6.1.2.1.11.30.0
SNMPv2-MIB::snmpEnableAuthenTraps.0 = INTEGER: disabled(2)

orr:/home/richard$ snmpset -v 2c -c write 127.0.0.1 1.3.6.1.2.1.11.30.0 = 1
SNMPv2-MIB::snmpEnableAuthenTraps.0 = INTEGER: enabled(1)

orr:/home/richard$ snmpget -v 2c -c read 127.0.0.1 1.3.6.1.2.1.11.30.0
SNMPv2-MIB::snmpEnableAuthenTraps.0 = INTEGER: enabled(1)

orr:/home/richard$ snmpset -v 2c -c write 127.0.0.1 1.3.6.1.2.1.11.30.0 = 2
SNMPv2-MIB::snmpEnableAuthenTraps.0 = INTEGER: disabled(2)

I appreciate Dale Coddington pointing out a syntax error that caused problems with the first version of this post!
