Free SNMP Software Suit in Windows Environment - Net-SNMP (Snmpv3 Support) - NETSEC

Latest

Learning, Sharing, Creating

Cybersecurity Memo

Tuesday, May 6, 2014

Free SNMP Software Suit in Windows Environment - Net-SNMP (Snmpv3 Support)

I was looking for this kind of software for a while. Mostly desktop and servers I am using are windows based. There is no Snmpwalk this kind of command under windows OS. Good things, there are always some genius to see the gap and develop some gorgeous tools to meet the needs from the people like me.

Net-SNMP is one of this kind of software. Based on their website - http://www.net-snmp.org/
"
Net-SNMP is a suite of applications used to implement SNMP v1, SNMP v2c and SNMP v3 using both IPv4 and IPv6. The suite includes:
  • Command-line applications to:
    • retrieve information from an SNMP-capable device, either using single requests (snmpget, snmpgetnext), or multiple requests (snmpwalk, snmptable, snmpdelta).
    • manipulate configuration information on an SNMP-capable device (snmpset).
    • retrieve a fixed collection of information from an SNMP-capable device (snmpdf, snmpnetstat, snmpstatus).
    • convert between numerical and textual forms of MIB OIDs, and display MIB content and structure (snmptranslate).
  • A graphical MIB browser (tkmib), using Tk/perl.
  • A daemon application for receiving SNMP notifications (snmptrapd). Selected notifications can be logged (to syslog, the NT Event Log, or a plain text file), forwarded to another SNMP management system, or passed to an external application.
  • An extensible agent for responding to SNMP queries for management information (snmpd). This includes built-in support for a wide range of MIB information modules, and can be extended using dynamically loaded modules, external scripts and commands, and both the SNMP multiplexing (SMUX) and Agent Extensibility (AgentX) protocols.
  • A library for developing new SNMP applications, with both C and perl APIs.
"
There is a tutorial page at http://www.net-snmp.org/wiki/index.php/Tutorials .

Here I would like to list some usage from my person experience.



1. Installation

a. Download it from http://sourceforge.net/projects/net-snmp/files/net-snmp/
current version is 5.7.2.1. Installation package for windows is net-snmp-5.6.1.1-1.x86.exe (4.2 MB)
b. Follow the installation guideline to complete the installation in the windows environment.
c. Verify the installation.

C:\usr\bin>snmpd -V
No log handling enabled - using stderr logging
Warning: no access control information configured.
  (Config search path: c:/usr/etc/snmp;c:/usr/share/snmp;c:/usr/lib)
  It's unlikely this agent can serve any useful purpose in this state.
  Run "snmpconf -g basic_setup" to help you configure the snmpd.conf file for th
is agent.
NET-SNMP version 5.6.1.1

2. SNMPv2

Seems like very straightforward.

C:\usr\bin>snmpwalk -v 2c -c SnmpPass 10.94.120.160 system
SNMPv2-MIB::sysDescr.0 = STRING: Juniper Networks, Inc. srx240h internet router,
 kernel JUNOS 11.4R10.3 #0: 2013-11-15 06:56:20 UTC     builder@singlath:/volume
/build/junos/11.4/release/11.4R10.3/obj-octeon/bsd/kernels/JSRXNLE/kernel Build
date: 2013-11-15 07:18:28 UTC Copyright (c) 199
SNMPv2-MIB::sysObjectID.0 = OID: SNMPv2-SMI::enterprises.2636.1.1.1.2.39
DISMAN-EVENT-MIB::sysUpTimeInstance = Timeticks: (43996634) 5 days, 2:12:46.34
SNMPv2-MIB::sysContact.0 = STRING:
SNMPv2-MIB::sysName.0 = STRING:
SNMPv2-MIB::sysLocation.0 = STRING:
SNMPv2-MIB::sysServices.0 = INTEGER: 4

3. SNMPv3

Not that easy when test SNMPv3 command.

Trying to test SNMPv3 but got 'Encryption support not enabled' error messages always:

C:\>snmpget -v3 -u NetService -l authPriv -x DES -a MD5 -A Password -X Password 10.94.16.11 SNMPv2-MIB::sysName.0

No log handling enabled - using stderr logging
Encryption support not enabled.
snmpget: USM encryption error

C:\>snmpd -H
No log handling enabled - using stderr logging
netsnmp_assert GetLastError() != 10093L failed ..\..\snmplib\winpipe.c:48
Warning: no access control information configured.
  (Config search path: c:/usr/etc/snmp;c:/usr/share/snmp;c:/usr/lib)
  It's unlikely this agent can serve any useful purpose in this state.
  Run "snmpconf -g basic_setup" to help you configure the snmpd.conf file for th
is agent.
Configuration directives understood:
  In snmpd.conf and snmpd.local.conf:
    authtrapenable           1 | 2              (1 = enable, 2 = disable)
    trapsink                 host [community] [port]
    trap2sink                host [community] [port]
.
.
.
    defSecurityName          string
    defContext               string
    defPassphrase            string
    defAuthPassphrase        string
    defPrivPassphrase        string
    defAuthMasterKey         string
    defPrivMasterKey         string
    defAuthLocalizedKey      string
    defPrivLocalizedKey      string
    defVersion               1|2c|3
    defAuthType              MD5|SHA
    defPrivType              DES (AES support not available)
    defSecurityLevel         noAuthNoPriv|authNoPriv|authPriv

It clearly shows DES is supported but not AES. Since we are using DES, where is the real problem. Actually, the cause for our error message is the option during installation, encryption support not being chosen.


Following packages have to be installed first to support this Encryption.
1. Microsoft Visual C++ 2008 Redistributable Package Please make sure use vcredist_x86.exe but not vcredist_x64.exe.
2. Win32 OpenSSL v1.0.1g Light (Win32OpenSSL_Light-0_9_8y.exe) , reboot system.
3. net-snmp-5.6.1.1-1.x86.exe (net-snmp-5.5.1-1.x86.exe)

There are lots of tricks here. First, you will have to install OpenSSL 0.9.8 this version based on the download page ,

"IMPORTANT NOTE FOR WINDOWS USERS: the Net-SNMP Windows binaries have been built with OpenSSL version 0.9.8r. Since the OpenSSL 0.9 and 1.0 DLLs are incompatible, any attempt to install Net-SNMP on a system where OpenSSL 1.0 has been installed will fail."

Second thing I spent tons of time to figure out is 5.5.1 version working fine but not 5.6.1.1 this latest version.

C:\Users\John>snmpwalk -v3 -u NetServices -l authPriv -x DES -a MD5 -A SnmpPass -X SnmpPass 10.94.16.11 SNMPv2-MIB::sysName.0
SNMPv2-MIB::sysName.0 = STRING: Switch2001

I feel lucky today!!!!!!

No comments:

Post a Comment