RE: Network monitoring with SNMP
Should I be installing the WMI SNMP Provider as well as the SNMP service on my servers? Joe Heaton -Original Message- From: Kurt Buff [mailto:[EMAIL PROTECTED] Sent: Wednesday, April 30, 2008 9:13 AM To: NT System Admin Issues Subject: Re: Network monitoring with SNMP I think you're in for a treat - mrtg, cacti, nagios and a host of other tools await, giving you all sorts of monitoring goodness. However, to be entirely clear, if you've got someone sniffing the wire, and you're using v1, even ridiculously long community strings won't help - it's all plain text. OTOH, if you never use private (i.e. read/write) strings, it might not be that big of a deal, though you can get an *awful* lot of information from SNMP under Windows. If you're limited to v1, and completely paranoid (and what proper sysadmin isn't?) you might be able to establish your SNMP over IPSec - I haven't tried that, but it seems doable. On 4/30/08, Joe Heaton [EMAIL PROTECTED] wrote: Sorry Kurt, I've actually never implemented SNMP before (I know, weird, huh?) However, the logical part of my brain was screaming at me that it was a DUH! type of question... Joe Heaton -Original Message- From: Kurt Buff [mailto:[EMAIL PROTECTED] Sent: Tuesday, April 29, 2008 5:10 PM To: NT System Admin Issues Subject: Re: Network monitoring with SNMP On 4/29/08, Joe Heaton [EMAIL PROTECTED] wrote: You guys don't use the default community strings with SNMP do you? These should be changed to something unique, correct? Um, the only word that comes to mind here is duh. Most implementations are still v1, which is completely plain text. Next most common, from my limited reading, are v2c and then v3 - and it's only with v3 that you get reasonable encryption, but staying away from the defaults is still the only way to go. Kurt ~ Upgrade to Next Generation Antispam/Antivirus with Ninja!~ ~ http://www.sunbelt-software.com/SunbeltMessagingNinja.cfm ~ ~ Upgrade to Next Generation Antispam/Antivirus with Ninja!~ ~ http://www.sunbelt-software.com/SunbeltMessagingNinja.cfm ~ ~ Upgrade to Next Generation Antispam/Antivirus with Ninja!~ ~ http://www.sunbelt-software.com/SunbeltMessagingNinja.cfm ~ ~ Upgrade to Next Generation Antispam/Antivirus with Ninja!~ ~ http://www.sunbelt-software.com/SunbeltMessagingNinja.cfm ~
RE: Network monitoring with SNMP
Do you have a Windows Management Instrumentation client that will be accessing snmp information on this server? From: Joe Heaton [EMAIL PROTECTED] Sent: Thursday, May 01, 2008 11:55 AM To: NT System Admin Issues Subject: RE: Network monitoring with SNMP Should I be installing the WMI SNMP Provider as well as the SNMP service on my servers? Joe Heaton -Original Message- From: Kurt Buff [mailto:[EMAIL PROTECTED] Sent: Wednesday, April 30, 2008 9:13 AM To: NT System Admin Issues Subject: Re: Network monitoring with SNMP I think you're in for a treat - mrtg, cacti, nagios and a host of other tools await, giving you all sorts of monitoring goodness. However, to be entirely clear, if you've got someone sniffing the wire, and you're using v1, even ridiculously long community strings won't help - it's all plain text. OTOH, if you never use private (i.e. read/write) strings, it might not be that big of a deal, though you can get an *awful* lot of information from SNMP under Windows. If you're limited to v1, and completely paranoid (and what proper sysadmin isn't?) you might be able to establish your SNMP over IPSec - I haven't tried that, but it seems doable. On 4/30/08, Joe Heaton [EMAIL PROTECTED] wrote: Sorry Kurt, I've actually never implemented SNMP before (I know, weird, huh?) However, the logical part of my brain was screaming at me that it was a DUH! type of question... Joe Heaton -Original Message- From: Kurt Buff [mailto:[EMAIL PROTECTED] Sent: Tuesday, April 29, 2008 5:10 PM To: NT System Admin Issues Subject: Re: Network monitoring with SNMP On 4/29/08, Joe Heaton [EMAIL PROTECTED] wrote: You guys don't use the default community strings with SNMP do you? These should be changed to something unique, correct? Um, the only word that comes to mind here is duh. Most implementations are still v1, which is completely plain text. Next most common, from my limited reading, are v2c and then v3 - and it's only with v3 that you get reasonable encryption, but staying away from the defaults is still the only way to go. Kurt ~ Upgrade to Next Generation Antispam/Antivirus with Ninja!~ ~ http://www.sunbelt-software.com/SunbeltMessagingNinja.cfm ~ ~ Upgrade to Next Generation Antispam/Antivirus with Ninja!~ ~ http://www.sunbelt-software.com/SunbeltMessagingNinja.cfm ~ ~ Upgrade to Next Generation Antispam/Antivirus with Ninja!~ ~ http://www.sunbelt-software.com/SunbeltMessagingNinja.cfm ~ ~ Upgrade to Next Generation Antispam/Antivirus with Ninja!~ ~ http://www.sunbelt-software.com/SunbeltMessagingNinja.cfm ~ ~ Upgrade to Next Generation Antispam/Antivirus with Ninja!~ ~ http://www.sunbelt-software.com/SunbeltMessagingNinja.cfm ~
RE: Network monitoring with SNMP
Haven't used WMI before...would it be beneficial? Joe Heaton -Original Message- From: Joseph L. Casale [mailto:[EMAIL PROTECTED] Sent: Thursday, May 01, 2008 11:06 AM To: NT System Admin Issues Subject: RE: Network monitoring with SNMP Do you have a Windows Management Instrumentation client that will be accessing snmp information on this server? From: Joe Heaton [EMAIL PROTECTED] Sent: Thursday, May 01, 2008 11:55 AM To: NT System Admin Issues Subject: RE: Network monitoring with SNMP Should I be installing the WMI SNMP Provider as well as the SNMP service on my servers? Joe Heaton -Original Message- From: Kurt Buff [mailto:[EMAIL PROTECTED] Sent: Wednesday, April 30, 2008 9:13 AM To: NT System Admin Issues Subject: Re: Network monitoring with SNMP I think you're in for a treat - mrtg, cacti, nagios and a host of other tools await, giving you all sorts of monitoring goodness. However, to be entirely clear, if you've got someone sniffing the wire, and you're using v1, even ridiculously long community strings won't help - it's all plain text. OTOH, if you never use private (i.e. read/write) strings, it might not be that big of a deal, though you can get an *awful* lot of information from SNMP under Windows. If you're limited to v1, and completely paranoid (and what proper sysadmin isn't?) you might be able to establish your SNMP over IPSec - I haven't tried that, but it seems doable. On 4/30/08, Joe Heaton [EMAIL PROTECTED] wrote: Sorry Kurt, I've actually never implemented SNMP before (I know, weird, huh?) However, the logical part of my brain was screaming at me that it was a DUH! type of question... Joe Heaton -Original Message- From: Kurt Buff [mailto:[EMAIL PROTECTED] Sent: Tuesday, April 29, 2008 5:10 PM To: NT System Admin Issues Subject: Re: Network monitoring with SNMP On 4/29/08, Joe Heaton [EMAIL PROTECTED] wrote: You guys don't use the default community strings with SNMP do you? These should be changed to something unique, correct? Um, the only word that comes to mind here is duh. Most implementations are still v1, which is completely plain text. Next most common, from my limited reading, are v2c and then v3 - and it's only with v3 that you get reasonable encryption, but staying away from the defaults is still the only way to go. Kurt ~ Upgrade to Next Generation Antispam/Antivirus with Ninja!~ ~ http://www.sunbelt-software.com/SunbeltMessagingNinja.cfm ~ ~ Upgrade to Next Generation Antispam/Antivirus with Ninja!~ ~ http://www.sunbelt-software.com/SunbeltMessagingNinja.cfm ~ ~ Upgrade to Next Generation Antispam/Antivirus with Ninja!~ ~ http://www.sunbelt-software.com/SunbeltMessagingNinja.cfm ~ ~ Upgrade to Next Generation Antispam/Antivirus with Ninja!~ ~ http://www.sunbelt-software.com/SunbeltMessagingNinja.cfm ~ ~ Upgrade to Next Generation Antispam/Antivirus with Ninja!~ ~ http://www.sunbelt-software.com/SunbeltMessagingNinja.cfm ~ ~ Upgrade to Next Generation Antispam/Antivirus with Ninja!~ ~ http://www.sunbelt-software.com/SunbeltMessagingNinja.cfm ~
RE: Network monitoring with SNMP
It opens up the door for some flashier SNMP monitoring, but iirc, it's not as secure. I used nsclient to capture what vanilla SNMP misses... -Original Message- From: Joe Heaton [mailto:[EMAIL PROTECTED] Sent: Thursday, May 01, 2008 1:10 PM To: NT System Admin Issues Subject: RE: Network monitoring with SNMP Haven't used WMI before...would it be beneficial? Joe Heaton -Original Message- From: Joseph L. Casale [mailto:[EMAIL PROTECTED] Sent: Thursday, May 01, 2008 11:06 AM To: NT System Admin Issues Subject: RE: Network monitoring with SNMP Do you have a Windows Management Instrumentation client that will be accessing snmp information on this server? From: Joe Heaton [EMAIL PROTECTED] Sent: Thursday, May 01, 2008 11:55 AM To: NT System Admin Issues Subject: RE: Network monitoring with SNMP Should I be installing the WMI SNMP Provider as well as the SNMP service on my servers? Joe Heaton -Original Message- From: Kurt Buff [mailto:[EMAIL PROTECTED] Sent: Wednesday, April 30, 2008 9:13 AM To: NT System Admin Issues Subject: Re: Network monitoring with SNMP I think you're in for a treat - mrtg, cacti, nagios and a host of other tools await, giving you all sorts of monitoring goodness. However, to be entirely clear, if you've got someone sniffing the wire, and you're using v1, even ridiculously long community strings won't help - it's all plain text. OTOH, if you never use private (i.e. read/write) strings, it might not be that big of a deal, though you can get an *awful* lot of information from SNMP under Windows. If you're limited to v1, and completely paranoid (and what proper sysadmin isn't?) you might be able to establish your SNMP over IPSec - I haven't tried that, but it seems doable. On 4/30/08, Joe Heaton [EMAIL PROTECTED] wrote: Sorry Kurt, I've actually never implemented SNMP before (I know, weird, huh?) However, the logical part of my brain was screaming at me that it was a DUH! type of question... Joe Heaton -Original Message- From: Kurt Buff [mailto:[EMAIL PROTECTED] Sent: Tuesday, April 29, 2008 5:10 PM To: NT System Admin Issues Subject: Re: Network monitoring with SNMP On 4/29/08, Joe Heaton [EMAIL PROTECTED] wrote: You guys don't use the default community strings with SNMP do you? These should be changed to something unique, correct? Um, the only word that comes to mind here is duh. Most implementations are still v1, which is completely plain text. Next most common, from my limited reading, are v2c and then v3 - and it's only with v3 that you get reasonable encryption, but staying away from the defaults is still the only way to go. Kurt ~ Upgrade to Next Generation Antispam/Antivirus with Ninja!~ ~ http://www.sunbelt-software.com/SunbeltMessagingNinja.cfm ~ ~ Upgrade to Next Generation Antispam/Antivirus with Ninja!~ ~ http://www.sunbelt-software.com/SunbeltMessagingNinja.cfm ~ ~ Upgrade to Next Generation Antispam/Antivirus with Ninja!~ ~ http://www.sunbelt-software.com/SunbeltMessagingNinja.cfm ~ ~ Upgrade to Next Generation Antispam/Antivirus with Ninja!~ ~ http://www.sunbelt-software.com/SunbeltMessagingNinja.cfm ~ ~ Upgrade to Next Generation Antispam/Antivirus with Ninja!~ ~ http://www.sunbelt-software.com/SunbeltMessagingNinja.cfm ~ ~ Upgrade to Next Generation Antispam/Antivirus with Ninja!~ ~ http://www.sunbelt-software.com/SunbeltMessagingNinja.cfm ~ ~ Upgrade to Next Generation Antispam/Antivirus with Ninja!~ ~ http://www.sunbelt-software.com/SunbeltMessagingNinja.cfm ~
RE: Network monitoring with SNMP
Heh, well thats kind of like saying do you need smtp on a server? If you need it, its rather helpfull:) My guess if you don't know about it, you arent in need of leveraging it. It allows you to do exactly what I asked if you were doing, poll snmp via wmi. I would assume you are not doing this. jlc From: Joe Heaton [EMAIL PROTECTED] Sent: Thursday, May 01, 2008 12:09 PM To: NT System Admin Issues Subject: RE: Network monitoring with SNMP Haven't used WMI before...would it be beneficial? Joe Heaton -Original Message- From: Joseph L. Casale [mailto:[EMAIL PROTECTED] Sent: Thursday, May 01, 2008 11:06 AM To: NT System Admin Issues Subject: RE: Network monitoring with SNMP Do you have a Windows Management Instrumentation client that will be accessing snmp information on this server? From: Joe Heaton [EMAIL PROTECTED] Sent: Thursday, May 01, 2008 11:55 AM To: NT System Admin Issues Subject: RE: Network monitoring with SNMP Should I be installing the WMI SNMP Provider as well as the SNMP service on my servers? Joe Heaton -Original Message- From: Kurt Buff [mailto:[EMAIL PROTECTED] Sent: Wednesday, April 30, 2008 9:13 AM To: NT System Admin Issues Subject: Re: Network monitoring with SNMP I think you're in for a treat - mrtg, cacti, nagios and a host of other tools await, giving you all sorts of monitoring goodness. However, to be entirely clear, if you've got someone sniffing the wire, and you're using v1, even ridiculously long community strings won't help - it's all plain text. OTOH, if you never use private (i.e. read/write) strings, it might not be that big of a deal, though you can get an *awful* lot of information from SNMP under Windows. If you're limited to v1, and completely paranoid (and what proper sysadmin isn't?) you might be able to establish your SNMP over IPSec - I haven't tried that, but it seems doable. On 4/30/08, Joe Heaton [EMAIL PROTECTED] wrote: Sorry Kurt, I've actually never implemented SNMP before (I know, weird, huh?) However, the logical part of my brain was screaming at me that it was a DUH! type of question... Joe Heaton -Original Message- From: Kurt Buff [mailto:[EMAIL PROTECTED] Sent: Tuesday, April 29, 2008 5:10 PM To: NT System Admin Issues Subject: Re: Network monitoring with SNMP On 4/29/08, Joe Heaton [EMAIL PROTECTED] wrote: You guys don't use the default community strings with SNMP do you? These should be changed to something unique, correct? Um, the only word that comes to mind here is duh. Most implementations are still v1, which is completely plain text. Next most common, from my limited reading, are v2c and then v3 - and it's only with v3 that you get reasonable encryption, but staying away from the defaults is still the only way to go. Kurt ~ Upgrade to Next Generation Antispam/Antivirus with Ninja!~ ~ http://www.sunbelt-software.com/SunbeltMessagingNinja.cfm ~ ~ Upgrade to Next Generation Antispam/Antivirus with Ninja!~ ~ http://www.sunbelt-software.com/SunbeltMessagingNinja.cfm ~ ~ Upgrade to Next Generation Antispam/Antivirus with Ninja!~ ~ http://www.sunbelt-software.com/SunbeltMessagingNinja.cfm ~ ~ Upgrade to Next Generation Antispam/Antivirus with Ninja!~ ~ http://www.sunbelt-software.com/SunbeltMessagingNinja.cfm ~ ~ Upgrade to Next Generation Antispam/Antivirus with Ninja!~ ~ http://www.sunbelt-software.com/SunbeltMessagingNinja.cfm ~ ~ Upgrade to Next Generation Antispam/Antivirus with Ninja!~ ~ http://www.sunbelt-software.com/SunbeltMessagingNinja.cfm ~ ~ Upgrade to Next Generation Antispam/Antivirus with Ninja!~ ~ http://www.sunbelt-software.com/SunbeltMessagingNinja.cfm ~
RE: Network monitoring with SNMP
Absolutely, You also try and use SNMP V3 if you can, its more secure than SNMP V1,.2 Z Edward E. Ziots Network Engineer Lifespan Organization MCSE,MCSA,MCP,Security+,Network+,CCA Phone: 401-639-3505 -Original Message- From: Joe Heaton [mailto:[EMAIL PROTECTED] Sent: Tuesday, April 29, 2008 4:55 PM To: NT System Admin Issues Subject: Network monitoring with SNMP You guys don't use the default community strings with SNMP do you? These should be changed to something unique, correct? Joe Heaton AISA Employment Training Panel 1100 J Street, 4th Floor Sacramento, CA 95814 (916) 327-5276 [EMAIL PROTECTED] ~ Upgrade to Next Generation Antispam/Antivirus with Ninja!~ ~ http://www.sunbelt-software.com/SunbeltMessagingNinja.cfm ~
RE: Network monitoring with SNMP
Sorry Kurt, I've actually never implemented SNMP before (I know, weird, huh?) However, the logical part of my brain was screaming at me that it was a DUH! type of question... Joe Heaton -Original Message- From: Kurt Buff [mailto:[EMAIL PROTECTED] Sent: Tuesday, April 29, 2008 5:10 PM To: NT System Admin Issues Subject: Re: Network monitoring with SNMP On 4/29/08, Joe Heaton [EMAIL PROTECTED] wrote: You guys don't use the default community strings with SNMP do you? These should be changed to something unique, correct? Um, the only word that comes to mind here is duh. Most implementations are still v1, which is completely plain text. Next most common, from my limited reading, are v2c and then v3 - and it's only with v3 that you get reasonable encryption, but staying away from the defaults is still the only way to go. Kurt ~ Upgrade to Next Generation Antispam/Antivirus with Ninja!~ ~ http://www.sunbelt-software.com/SunbeltMessagingNinja.cfm ~ ~ Upgrade to Next Generation Antispam/Antivirus with Ninja!~ ~ http://www.sunbelt-software.com/SunbeltMessagingNinja.cfm ~
Re: Network monitoring with SNMP
I think you're in for a treat - mrtg, cacti, nagios and a host of other tools await, giving you all sorts of monitoring goodness. However, to be entirely clear, if you've got someone sniffing the wire, and you're using v1, even ridiculously long community strings won't help - it's all plain text. OTOH, if you never use private (i.e. read/write) strings, it might not be that big of a deal, though you can get an *awful* lot of information from SNMP under Windows. If you're limited to v1, and completely paranoid (and what proper sysadmin isn't?) you might be able to establish your SNMP over IPSec - I haven't tried that, but it seems doable. On 4/30/08, Joe Heaton [EMAIL PROTECTED] wrote: Sorry Kurt, I've actually never implemented SNMP before (I know, weird, huh?) However, the logical part of my brain was screaming at me that it was a DUH! type of question... Joe Heaton -Original Message- From: Kurt Buff [mailto:[EMAIL PROTECTED] Sent: Tuesday, April 29, 2008 5:10 PM To: NT System Admin Issues Subject: Re: Network monitoring with SNMP On 4/29/08, Joe Heaton [EMAIL PROTECTED] wrote: You guys don't use the default community strings with SNMP do you? These should be changed to something unique, correct? Um, the only word that comes to mind here is duh. Most implementations are still v1, which is completely plain text. Next most common, from my limited reading, are v2c and then v3 - and it's only with v3 that you get reasonable encryption, but staying away from the defaults is still the only way to go. Kurt ~ Upgrade to Next Generation Antispam/Antivirus with Ninja!~ ~ http://www.sunbelt-software.com/SunbeltMessagingNinja.cfm ~ ~ Upgrade to Next Generation Antispam/Antivirus with Ninja!~ ~ http://www.sunbelt-software.com/SunbeltMessagingNinja.cfm ~ ~ Upgrade to Next Generation Antispam/Antivirus with Ninja!~ ~ http://www.sunbelt-software.com/SunbeltMessagingNinja.cfm ~
RE: Network monitoring with SNMP
Yep, installing SNMP on servers at the moment, so that I can eval a couple of Network Monitoring packages. Unfortunately, I can't do open source, so the ones I'm looking at are SCE 2007, Whatsup Gold, and ipMonitor. I'm not putting in a private string, I'm hoping that these packages won't need to write anything to the devices, just read stats. Joe Heaton -Original Message- From: Kurt Buff [mailto:[EMAIL PROTECTED] Sent: Wednesday, April 30, 2008 9:13 AM To: NT System Admin Issues Subject: Re: Network monitoring with SNMP I think you're in for a treat - mrtg, cacti, nagios and a host of other tools await, giving you all sorts of monitoring goodness. However, to be entirely clear, if you've got someone sniffing the wire, and you're using v1, even ridiculously long community strings won't help - it's all plain text. OTOH, if you never use private (i.e. read/write) strings, it might not be that big of a deal, though you can get an *awful* lot of information from SNMP under Windows. If you're limited to v1, and completely paranoid (and what proper sysadmin isn't?) you might be able to establish your SNMP over IPSec - I haven't tried that, but it seems doable. On 4/30/08, Joe Heaton [EMAIL PROTECTED] wrote: Sorry Kurt, I've actually never implemented SNMP before (I know, weird, huh?) However, the logical part of my brain was screaming at me that it was a DUH! type of question... Joe Heaton -Original Message- From: Kurt Buff [mailto:[EMAIL PROTECTED] Sent: Tuesday, April 29, 2008 5:10 PM To: NT System Admin Issues Subject: Re: Network monitoring with SNMP On 4/29/08, Joe Heaton [EMAIL PROTECTED] wrote: You guys don't use the default community strings with SNMP do you? These should be changed to something unique, correct? Um, the only word that comes to mind here is duh. Most implementations are still v1, which is completely plain text. Next most common, from my limited reading, are v2c and then v3 - and it's only with v3 that you get reasonable encryption, but staying away from the defaults is still the only way to go. Kurt ~ Upgrade to Next Generation Antispam/Antivirus with Ninja!~ ~ http://www.sunbelt-software.com/SunbeltMessagingNinja.cfm ~ ~ Upgrade to Next Generation Antispam/Antivirus with Ninja!~ ~ http://www.sunbelt-software.com/SunbeltMessagingNinja.cfm ~ ~ Upgrade to Next Generation Antispam/Antivirus with Ninja!~ ~ http://www.sunbelt-software.com/SunbeltMessagingNinja.cfm ~ ~ Upgrade to Next Generation Antispam/Antivirus with Ninja!~ ~ http://www.sunbelt-software.com/SunbeltMessagingNinja.cfm ~
Network monitoring with SNMP
You guys don't use the default community strings with SNMP do you? These should be changed to something unique, correct? Joe Heaton AISA Employment Training Panel 1100 J Street, 4th Floor Sacramento, CA 95814 (916) 327-5276 [EMAIL PROTECTED] ~ Upgrade to Next Generation Antispam/Antivirus with Ninja!~ ~ http://www.sunbelt-software.com/SunbeltMessagingNinja.cfm ~
RE: Network monitoring with SNMP
Well, let's put it this way. Our Auditors scream when they find public or private for snmp community strings. So, that's a definite yes, you should change those strings right after you change the default password on the devices in question. From: Joe Heaton [mailto:[EMAIL PROTECTED] Sent: Tuesday, April 29, 2008 3:55 PM To: NT System Admin Issues Subject: Network monitoring with SNMP You guys don't use the default community strings with SNMP do you? These should be changed to something unique, correct? Joe Heaton AISA Employment Training Panel 1100 J Street, 4th Floor Sacramento, CA 95814 (916) 327-5276 [EMAIL PROTECTED] ~ Upgrade to Next Generation Antispam/Antivirus with Ninja!~ ~ http://www.sunbelt-software.com/SunbeltMessagingNinja.cfm ~
Re: Network monitoring with SNMP
On 4/29/08, Joe Heaton [EMAIL PROTECTED] wrote: You guys don't use the default community strings with SNMP do you? These should be changed to something unique, correct? Um, the only word that comes to mind here is duh. Most implementations are still v1, which is completely plain text. Next most common, from my limited reading, are v2c and then v3 - and it's only with v3 that you get reasonable encryption, but staying away from the defaults is still the only way to go. Kurt ~ Upgrade to Next Generation Antispam/Antivirus with Ninja!~ ~ http://www.sunbelt-software.com/SunbeltMessagingNinja.cfm ~