-->

  • All About SNMP

     


     


    Enumeration Using SNMP


    SNMP stands for simple network management protocol is an application layer protocol which uses UDP protocol to maintain and manages routers, switch, hubs other devices on an IP network. SNMP is a very common protocol found enabled on a variety of operating system like windows server, linux and unix server as well as network devices like routers, switches etc.


    SNMP enumeration is used to enumerate user accoundts, passwords, group, system names, devices on a target system.


    It consists of three major elements :


    1) SNMP Manager (Managed Devices) - A managed device is a device or a host (technically known as node) which has the SNMP services enabled. These devices could be routers, switches, hubs, bridges computer etc.

    OR

    It is a contralised system used to monitor-network. It is also known as network management station (NMS).


    2) SNMP Agent - It is a software management devices can be network devices. Managed devices can be network devices like PC, routers, switches server etc.

    3) Management information Base - MIB consists of information of resources that are to tbe managed. These infromation is organised hi-erachically. It consists of objects instances which are essentially variables.



    SNMP Messages


    In snmp there are different variables are -


    1) GetRequest     - SNMP manager sends from SNMP agent. It is simply used to retieve data from snmp agent. In response to this, snmp agent responds with requested value thorugh response messages.

    2) GetNextRequest - This message can be sent to discover what data is available on a SNMP agent. The snmp manager can request for data continuously until no more data is left. In this way, SNMP manager can take knowledege of all the available data on SNMP agent.


    3) GetBulkRequest - This message is used to retrieve large data at once by the SNMP agent. It is introduced in SNMPv2c

    4) SetRequest - It is used to SNMP manager to set the value of an obbject instance an the SNMP agent.

    5) Response - It is a message send from agent upon a request from manager. When sent in response to set messages, it will contain the newly set value as confirmation that the value has been set.

    6) Trap - These are messages send by the agent without being requested by the manager. It is sent when a fault has occured.

    7) InformRequest - It was introduced in SNMPv2c, used to identify if the trap message has been received by the manager or not. The agent can be configured to set up trap continuously until it receives an inform messages. It is same as trap but adds an acknowledge that trap doesn't provide.



    SNMP Versions - There are 3 version  of SNMP.


    1) SNMPv1 - It uses community strings for authentication. It uses UDP but can be configured to use TCP.

    2) SNMPv2 - It uses community strings for authentication. It uses UDP but can configured to use TCP.

    3) SNMPv3 - It uses Hash based MAC with MD5 or SHA for authentication and DES-56 for privacy. This version uses TCP. Therefor conclusion is the higher the version for SNMP, more secure it will be.



    SNMP Security Levels -  It defines the type of security algorithm performs on SNMP packets. There are used in only SNMPv3. There are 3 security leveles namely.


    1) NoAuthentication - This ( no authentication no privacy ) security level uses community string for authentication and no encryption for privacy.

    2) authNopriv - This security level (authentication, no privacy) uses HMAC and MD5 or SHA for authentication and encryption uses DES-56 Algorithm.



    SNMP Enumeration - Default SNMP to view or modify then SNMP can configuration settings. Attackers can enumerate SNMP on remote network devices for the following -

    # Information about network resources such as routers, share, devices etc.

    # ARP and routing tables.

    # Device specific information

    # Traffic statistic etc.



    SNMP Enumeration Tools


    The following table shows the list of tools to perform SNMP Enumeration.


    Name of the Tool and weblinks

    1) Oputils


    www.manageengine.com/products/oputils


    2) Solarwinds

    www.solarwinds.com

     

    3) SNScan

    www.mcafee.com/us/downloads/free-tools/scscan.aspx

     

    4) SNMP Scanner


    http://www.secure-bytes.com/snmp-scanner.php

     

     

     


    Disclaimer

     

    All tutorials are for informational and educational purposes only and have been made using our own routers, servers, websites and other vulnerable free resources. we do not contain any illegal activity. We believe that ethical hacking, information security and cyber security should be familiar subjects to anyone using digital information and computers. Hacking Truth is against misuse of the information and we strongly suggest against it. Please regard the word hacking as ethical hacking or penetration testing every time this word is used. We do not promote, encourage, support or excite any illegal activity or hacking.

     

     

     

     

    • 0 comments:

    Post a Comment

    For Any Tech Updates, Hacking News, Internet, Computer, Technology and related to IT Field Articles Follow Our Blog.