Scanning for SNMP communities

2018-03-02 Ronny Trommer
Adding devices into monitoring system is easy. Getting all the right SNMP communities for them is harder. People don’t give you the right community string or forget to open firewall ports. If you have to test a lot of IP’s against various IP addresses you can use nmap and a community list file as an input. Be aware you talk about permission to run this test otherwise somebody can get angry when you try to brute-force community strings against their devices. Continue reading

Net-SNMP version 3 and OpenNMS

2017-09-22 Ronny Trommer
To monitor your systems you rely heavily on SNMP, it gives out of the box a lot of possibilities getting important performance and status information. The main topic security is often not considered. SNMP version 1 and 2c transmit everything in plain text over the wire. There is also no user, password authentication method, just a shared community string which gives access to the information. To address these problems SNMP v3 was introduced. Continue reading

Cleaner log with Docker and SNMP

2017-05-19 Ronny Trommer
Centralizing logs is important as soon you have more than 2 servers. In my environment the bare metal is monitored with Net-SNMP and my services are deployed as containers with Docker. All system logs are sent to a Graylog2 instance and I quickly noticed a few ugly entries caused by snmpd. Cannot statfs /run/docker/netns/...: Permission denied You will notice a few of them. First approach try to increase the logging level in /etc/default/snmpd from SNMP daemon with Continue reading