In addition to Weibo, there is also WeChat
Please pay attention
WeChat public account
Shulou
2025-04-04 Update From: SLTechnology News&Howtos shulou NAV: SLTechnology News&Howtos > Network Security >
Share
Shulou(Shulou.com)06/01 Report--
The predecessor of SNMP (Simple Network Management Protocol, simple Network Management Protocol) is simple Gateway Monitoring Protocol (SGMP), which is used to manage communication lines. Subsequently, people made great changes to SGMP, especially the addition of SMI and MIB architecture that conformed to the definition of Internet. The improved protocol is the famous SNMP. The goal of SNMP is to manage the software and hardware platforms produced by many manufacturers on the Internet Internet, so SNMP is also greatly influenced by the Internet standard network management framework. Now SNMP has come out to the third version of the protocol, and its function has been greatly enhanced and improved than before.
SNMP version 3 SNMP version 3, defined by RFC 3411-RFC 3418, mainly adds SNMP enhancements in terms of security and remote configuration.
The third edition of SNMP provides important security *:
Information integrity: to ensure that the packet has not been tampered with in transmission.
Certification: the inspection information comes from the correct source.
Packet encryption: avoid snooping by unauthorized sources.
SNMPv3 defines a user-based security model, which uses a shared key for message authentication.
1. Network management function
Network management includes five functions: fault management, configuration management, billing management, performance management, security management.
(1) Fault management is one of the most basic functions in network management. Network fault management includes fault detection, fault isolation and fault correction, including the following typical functions: maintaining and checking error logs, receiving and responding to error detection reports, tracking, identifying errors, performing diagnostic tests, and correcting errors.
(2) configuration management is the most basic network management function, which is responsible for the establishment of the network, the expansion of services and the maintenance of configuration data, including resource list management, resource opening and service opening.
(3) Billing management records the use of network resources in order to control and monitor the cost and cost of network operation. The purpose of billing management is to calculate and collect users' fees for using network services, to calculate the utilization rate of network resources and to calculate the cost-effectiveness of the network. Billing management includes the following functions: calculating the cost of network construction and operation, counting the utilization of the network and its resources, collecting billing data online, calculating the network service fees that users should pay, and bill management.
(4) the purpose of performance management is to maintain network quality of service (QoS) and network operation efficiency. Therefore, it is necessary to have the monitoring function, performance analysis function, performance management and control function, and maintenance function of the performance database.
(5) Security management adopts information security measures to protect systems, data and services in the network. The purpose of security management is to provide privacy, authentication and integrity protection mechanisms of information, so that services, data and systems in the network are protected from intrusion and destruction.
2. Four types of management operations are provided in SNMP
(1) get operation is used to extract specific network management information.
(2) get-next operation provides powerful ability to extract management information by traversing activities.
(3) set operation is used to control management information (modification, setting)
(3) the trap operation is used to report important events.
Snmp Construction of Windows operating system platform
By looking at the port status of our windows system, the polling port UDP 161of the snmp protocol is not open before making any settings for snmp.
The Windows operating system installs snmp protocol support, installs windows components, and adds SNMP providers and simple network management protocols in management and monitoring tools.
Settings for Snmp services, proxy device information, and secure operations to accept community names. The group names we add here are snmp default test group names public and private, respectively. We are here to do experimental testing, and that's all we need. In practice, it must not be used in this way, there is no security at all, maybe others may monitor the running status of your device when using the test group name.
Send a report to a NMS network management workstation under the name of a group
Here we can see that by installing the windows component to add the simple Network Management Protocol, the computer's snmp polling and reported UDP 161,162 ports have been opened. Since our local role is the monitored host, we do not need to open port 162or monitor other objects to shut down the SNMP Trap Service service.
As a monitored object, you only need to be polled by the NMS network management workstation and leave the port 161of UDP open.
Building SNMP Services on Linux operating system platform
The Linux system installs the snmp service package. If it is only the monitored object, you only need to install the snmp service package on the Linux system and start the polling UDP 161port (that is, snmpd service). As a network management workstation, it is not enough to install only the snmp service package on the Linux system, and you also need to install the snmp service toolkit net-snmp-utils-5.3.2.2-7.el5.i386.rpm. After installation, start the UDP 162port of the report receiving service (that is, the snmptrapd service). If we are not only the network management workstation but also the monitored object, we need to install the snmp service package and net-snmp-utils-5.3.2.2-7.el5.i386.rpm, the tool package of the snmp network management workstation, and open polling (UDP 161port) and report (UDP 162port).
[root@localhost~] # mkdir / mnt/cdrom # establish CD mount point
[root@localhost~] # mount / dev/cdrom / mnt/cdrom # Mount the CD to the CD mount point
Mount: blockdevice / dev/cdrom is write-protected, mounting read-only
[root@localhost ~] # ll / mnt/cdrom/Server/ | grep snmp* # query CD service package all packages related to snmp
-Rmuri root root-86 root root 712539 Jul 29 2009net-snmp-5.3.2.2-7.el5.i386.rpm
-Rafael root root-99 root root 1995850 Jul 29 2009net-snmp-devel-5.3.2.2-7.el5.i386.rpm
-Rafael root root-99 root root 1317716 Jul 29 2009net-snmp-libs-5.3.2.2-7.el5.i386.rpm
-Rmuri root root-86 root root 201604 Jul 29 2009net-snmp-perl-5.3.2.2-7.el5.i386.rpm
-Rmuri root root-86 root root 189477 Jul 29 2009net-snmp-utils-5.3.2.2-7.el5.i386.rpm
-264root root Mar 26 2009 php-snmp-5.1.6-23.2.el5_3.i386.rpm
[root@localhost~] # rpm-ivh / mnt/cdrom/Server/net-snmp-5.3.2.2-7.el5.i386.rpm
Error: Faileddependencies: # install the snmp service package to create dependencies
Libsensors.so.3 is needed bynet-snmp-5.3.2.2-7.el5.i386
[root@localhost ~] # ll/mnt/cdrom/Server/ | grep sensor # resolve dependencies and find software packages related to dependencies in CD service packages
-243root root Dec 9 2008lm_sensors-2.10.7-4.el5.i386.rpm
-243root root Dec 9 2008lm_sensors-devel-2.10.7-4.el5.i386.rpm
[root@localhost~] # rpm-ivh / mnt/cdrom/Server/lm_sensors-2.10.7-4.el5.i386.rpm Preparing... # [100%]
1:lm_sensors # # [100%]
[root@localhost~] # rpm-ivh / mnt/cdrom/Server/net-snmp-5.3.2.2-7.el5.i386.rpm
Preparing... # [100%]
1:net-snmp # # [100%]
[root@localhost~] # service snmptrapd start # start the snmptrapd service of the network management workstation
Startingsnmptrapd: [OK]
[root@localhost~] # netstat-tupln | grep snmp # View the port of the snmp service
Udp 0 0 0.0.0. 0. 0. 0. 0. 0. 0. 0. 0. 0. 0. 0. 0. 0. 0. 0. 0. 0. 0. 0. 0. 0. 0. 0. 0. 0. 0. 0. 0. 0. 0
[root@localhost~] # rpm-ivh / mnt/cdrom/Server/
Net-snmp-utils-5.3.2.2-7.el5.i386.rpm # tool package for installing snmp network management workstations
Preparing... # [100%]
1:net-snmp-utils # # [100%]
[root@localhost~] # service snmpd start # start the snmp service as the monitored object
Startingsnmpd: [OK]
[root@localhost~] # netstat-tupln | grep snmp # View the port of the snmp service
Tcp 0 0127.0.0.1purl 1990.0.0.0purl * LISTEN 3270/snmpd
Udp 0 0 0.0.0. 0 161 0.0.0. 0. 0. 0. 0. 0.
Udp 0 0 0.0.0. 0. 0. 0. 0. 0. 0. 0. 0. 0. 0. 0. 0. 0. 0. 0. 0. 0. 0. 0. 0. 0. 0. 0. 0. 0. 0. 0. 0. 0. 0
# talk to the local public community using the snmp 2c version of the service
[root@localhost~] # snmpwalk-v 2c-c public 127.0.0.1
SNMPv2-MIB::sysDescr.0= STRING: Linux localhost.localdomain 2.6.18-164.el5 # 1 SMP Tue Aug 18 15:51:54EDT 2009 i686
SNMPv2-MIB::sysObjectID.0= OID: NET-SNMP-MIB::netSnmpAgentOIDs.10
DISMAN-EVENT-MIB::sysUpTimeInstance= Timeticks: (164203) 0RV 2722.03
SNMPv2-MIB::sysContact.0= STRING: Root (configure / etc/snmp/snmp.local.conf)
SNMPv2-MIB::sysName.0= STRING: localhost.localdomain
SNMPv2-MIB::sysLocation.0= STRING: Unknown (edit / etc/snmp/snmpd.conf)
SNMPv2-MIB::sysORLastChange.0= Timeticks: (6) 0VR 0000RU 00.06
SNMPv2-MIB::sysORID.1= OID: SNMPv2-MIB::snmpMIB
SNMPv2-MIB::sysORID.2= OID: TCP-MIB::tcpMIB
SNMPv2-MIB::sysORID.3= OID: IP-MIB::ip
SNMPv2-MIB::sysORID.4= OID: UDP-MIB::udpMIB
SNMPv2-MIB::sysORID.5= OID: SNMP-VIEW-BASED-ACM-MIB::vacmBasicGroup
SNMPv2-MIB::sysORID.6= OID: SNMP-FRAMEWORK-MIB::snmpFrameworkMIBCompliance
SNMPv2-MIB::sysORID.7= OID: SNMP-MPD-MIB::snmpMPDCompliance
SNMPv2-MIB::sysORID.8= OID: SNMP-USER-BASED-SM-MIB::usmMIBCompliance
SNMPv2-MIB::sysORDescr.1= STRING: The MIB module for SNMPv2 entities
SNMPv2-MIB::sysORDescr.2= STRING: The MIB module for managing TCP implementations
SNMPv2-MIB::sysORDescr.3= STRING: The MIB module for managing IP and ICMP implementations
SNMPv2-MIB::sysORDescr.4= STRING: The MIB module for managing UDP implementations
SNMPv2-MIB::sysORDescr.5= STRING: View-based Access Control Model for SNMP.
SNMPv2-MIB::sysORDescr.6= STRING: The SNMP Management Architecture MIB.
SNMPv2-MIB::sysORDescr.7= STRING: The MIB for Message Processing and Dispatching.
SNMPv2-MIB::sysORDescr.8= STRING: The management information definitions for the SNMP User-basedSecurity Model.
SNMPv2-MIB::sysORUpTime.1= Timeticks: (6) 0VR 0000RU 00.06
SNMPv2-MIB::sysORUpTime.2= Timeticks: (6) 0VR 0000RU 00.06
SNMPv2-MIB::sysORUpTime.3= Timeticks: (6) 0VR 0000RU 00.06
SNMPv2-MIB::sysORUpTime.4= Timeticks: (6) 0VR 0000RU 00.06
SNMPv2-MIB::sysORUpTime.5= Timeticks: (6) 0VR 0000RU 00.06
SNMPv2-MIB::sysORUpTime.6= Timeticks: (6) 0VR 0000RU 00.06
SNMPv2-MIB::sysORUpTime.7= Timeticks: (6) 0VR 0000RU 00.06
SNMPv2-MIB::sysORUpTime.8= Timeticks: (6) 0VR 0000RU 00.06
HOST-RESOURCES-MIB::hrSystemUptime.0= Timeticks: (250566) 041purl 45.66
HOST-RESOURCES-MIB::hrSystemUptime.0= No more variables left in this MIB View (It is past the end of the MIB tree)
Application case of simple routing Protocol (SNMP)
Topology Diagram:
Experimental environment: one windows server 2003 snmp network management workstation, what's up gold v8.0, two Huawei QuidewayR2621 routers, one Huawei Quideway S2000 series 2403H-EI switch, and one windows server 2003 web server Snmp network management workstation network setup and installation of network monitoring software what's up gold v8.0.
R1 configuration results:
[R1] dis cu
Now create configuration...
Current configuration
!
Version 1.74
Sysname R1
Firewall enable
Aaa-enable
Aaa accounting-scheme optional
!
Interface Ethernet0
Ip address 192.168.2.1 255.255.255.0
!
Interface Ethernet1
Ip address 192.168.3.1 255.255.255.0
!
Ip route-static 192.168.4.0 255.255.255.0192.168.3.2 preference 60
!
Snmp-agent # snmp Agent
Snmp-agent local-engineid800007DB0300E0FC0676B5 # Agent serial number assigned by the system
Snmp-agent community read public # sets the public community to have read permission
Snmp-agent community write private # sets the private community to have read and write permissions
Snmp-agent sys-info contact user1 # Agent Information Settings contact user1
Snmp-agent sys-info location jifang-1 # location jifang-1 of the proxy device
Snmp-agent sys-info version all # matches all versions of all snmp protocols
The snmp-agent target-host trap address192.168.2.200 securityname public # agent device initiatively sends a report to the 192.168.2.200 NMS network management workstation under the public community name under the following conditions
Snmp-agent trap enable bgp #
Snmp-agent trap enable dlsw # system
Snmp-agent trap enable frame-relay # system
Snmp-agent trap enable isdn call-detail # default
Snmp-agent trap enable entity # recognition
Snmp-agent trap enable ndec # parameter
Number of snmp-agent trap enable ospf #
Snmp-agent trap enable pos #
Snmp-agent trap enable rmon #
Snmpagent trap enable standardauthentication coldstart linkdown linkup warmstart # snmp network management workstation verifies and polls the linkdown, linkup, warmstart status of agent devices in a standard way
Snmp-agent trap enable ssh
Snmp-agent trap enable system
Snmp-agent trap enable ts
!
Return
R2 configuration result:
[R2] dis cu
Now create configuration...
Current configuration
!
Version 1.74
Sysname R2
Undo pos-server addr-switch
Firewall enable
Aaa-enable
Aaa accounting-scheme optional
!
Interface Ethernet0
Ip address 192.168.4.1 255.255.255.0
!
Interface Ethernet1
Ip address 192.168.3.2 255.255.255.0
!
Quit
Ip route-static 192.168.2.0 255.255.255.0192.168.3.1 preference 60
!
Snmp-agent
Snmp-agent local-engineid800007DB0300E0FC123897
Snmp-agent community read public
Snmp-agent community write private
Snmp-agent sys-info contact user2
Snmp-agent sys-info location jifang-2
Snmp-agent sys-info version all
Snmp-agent target-host trap address192.168.2.200 securityname public
Snmp-agent trap enable bgp
Snmp-agent trap enable dlsw
Snmp-agent trap enable frame-relay
Snmp-agent trap enable isdn call-detail
Snmp-agent trap enable entity
Snmp-agent trap enable ndec
Snmp-agent trap enable ospf
Snmp-agent trap enable pos
Snmp-agent trap enable rmon
Snmp-agent trap enable standardauthentication coldstart linkdown linkup warmstart
Snmp-agent trap enable ssh
Snmp-agent trap enable system
Snmp-agent trap enable ts
!
Return
SW configuration result:
[SW] dis cu
#
Sysname SW
#
Radius schemesystem
#
Domain system
#
Vlan 1
#
InterfaceVlan-interface1
Ip address 192.168.4.2 255.255.255.0
#
Ip route-static 0.0.0.0 0.0.0.0 192.168.4.1preference 60
#
Snmp-agent
Snmp-agent local-engineid800007DB000FE27421586877
Snmp-agent community read public
Snmp-agent community write private
Snmp-agent sys-info contact user2
Snmp-agent sys-info location jiafang-2
Snmp-agent sys-info version all
Snmp-agent target-host trap address udp-domain192.168.2.200 params securityname public # proxy device actively uses UDP port 162to send reports to NMS network management workstation (192.168.2.200)
#
User-interface aux0
User-interface vty0 4
#
Return
Start scanning the network after the network monitoring software
The scanned network will show several map about the network in the software.
By summarizing several map pieces on a single topology diagram, the device can be connected and managed by right-clicking, and the device can be accessed or managed by ping or web.
When our equipment changes, due to the polling of the NMS network management workstation and the reporting function of the equipment, the monitoring software in the NMS network management workstation will warn the change by changing the color.
Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.
Views: 226
*The comments in the above article only represent the author's personal views and do not represent the views and positions of this website. If you have more insights, please feel free to contribute and share.
Continue with the installation of the previous hadoop.First, install zookooper1. Decompress zookoope
"Every 5-10 years, there's a rare product, a really special, very unusual product that's the most un
© 2024 shulou.com SLNews company. All rights reserved.