SNMP

SNMP

https://oidref.com/ Simple Network Management Protocol (SNMP) Object Identifier (OID) anything on a device that can be monitored on a device has an OID.

Management Information Base (MIB) helps translate OIDs to human readable information OID.

This is a protocol that is designed to manage the network and nodes on the network.

SNMP Is traditionally configured with default public and private community strings.

MIB is a database containing information typically related to network management.

A SNMP server can get information from a node by poling or getting notified

  • Poling

    • the server contacts the node on port UDP 161.

  • Notifying

    • the node contacts the server on port 162

    Versions

    1, 2c, 3

    • 1 & 2c

      • All you need is the community string to get the information from the node.

      • No encryption

    • 3

      • Username and password

      • Has encryption

MIB Tree

Value

Information

1.3.6.1.2.1.6.13.1.3

TCP Local Ports

1.3.6.1.2.1.25.1.6.0

System Processes

1.3.6.1.2.1.25.2.3.1.4

Storage Units

1.3.6.1.2.1.25.4.2.1.2

Running Programs

1.3.6.1.2.1.25.4.2.1.4

Processes Path

1.3.6.1.2.1.25.6.3.1.2

Software Name

1.3.6.1.4.1.77.1.2.25

User Accounts

Enumerating the MIB Tree

snmpwalk -c <community> -v <version 1, 2c, 3> <IP>

Example:

snmpwalk -c public -v1 -t 10.10.10.88

Enumerate Windows Users

snmpwalk -c <community> -v <version 1, 2c> <IP> 1.3.6.1.4.1.77.1.2.25

Enumerating Running Windows Processes

snmpwalk -c <community> -v <version 1, 2c> <IP> 1.3.6.1.2.1.25.4.2.1.2

Enumerating open TCP Ports

snmpwalk -c <community> -v <version 1, 2c> <IP> 1.3.6.1.2.1.6.13.1.3

Enumerating Installed Software

snmpwalk -c <community> -v <version 1, 2c> <IP> 1.3.6.1.2.1.25.6.3.1.2

snmpwalk with MIBS

Install snmp-mibs-downloader

sudo apt install snmp-mibs-downloader

Modify /etc/snmp/snmp.conf and comment out line 4

PreviousSMTPNextSSH

Last updated

Was this helpful?