Wednesday, May 11, 2011


SNMPv3 - Configuration on Debian 6

Hello!

In previous entries, in which we studied the SNMP protocol, we mentioned that security in versions 1 and 2 was negligible, since they are based on the concept of a community and use a text string, sent in plain text, to manage it.

SNMPv3 does provide secure access to devices, so that you can access the data without fear of it being modified in transit. In addition, sensitive information (such as a change in the configuration of a router) can be encrypted to prevent its content from being exposed on the network. With SNMPv3 we therefore have the following features:

  • Message integrity: ensures that a received packet has not been modified.
  • Authentication: Determines that the message came from a valid source.
  • Encryption: keeps the packet secret, preventing it from being read by an unauthorized user.

In SNMPv3 we have 3 levels of security: noAuthNoPriv, authNoPriv and authPriv.


A practical example

Let's see the protocol in operation. We will use the net-snmp utilities, which we saw in the previous post when installing and configuring the agent on a Debian machine.

To configure the snmpd agent on the Debian machine so that SNMPv3 can be used to access the information, we would have to edit multiple files, but it is easier to use the net-snmp-config program.

The first thing to do is stop the agent so we can create our first user and give it permission to make queries or to change objects.

# /etc/init.d/snmpd stop

With this command we create the user "test" with password "asdasd123", using MD5 and DES for security:
(NOTE: You must have openssl installed)

# net-snmp-config --create-snmpv3-user -a asdasd123 test

By default, the program adds a line to /etc/snmp/snmpd.conf that gives the created user read/write access. You can edit the file to change the permissions.

Let's start the agent again in order to test its operation:

# /etc/init.d/snmpd start

The following command requests the OID 1.3.6.1.2.1.1.4.0, which is sysContact, from the localhost agent, using the test user:

$ snmpget -v 3 -u test -l authPriv -a MD5 -A asdasd123 -x DES -X asdasd123 localhost 1.3.6.1.2.1.1.4.0

iso.3.6.1.2.1.1.4.0 = STRING: "Chen "

And this other command requests sysLocation:

$ snmpget -v 3 -u test -l authPriv -a MD5 -A asdasd123 -x DES -X asdasd123 localhost 1.3.6.1.2.1.1.6.0

iso.3.6.1.2.1.1.6.0 = STRING: "institute"
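
How the passphrase given to net-snmp-config turns into the key that authenticates each message, as an added example that is not part of the original post: it follows the password-to-key and key-localization steps of RFC 3414 (the SNMPv3 User-based Security Model) and the HMAC-MD5-96 tag. The engine IDs and the message bytes are constructed for the illustration.

```python
import hashlib
import hmac

def password_to_key(password: bytes) -> bytes:
    """RFC 3414 A.2.1: Ku = MD5 of the passphrase repeated to exactly 1 MiB."""
    if len(password) < 8:
        raise ValueError("USM passphrases must be at least 8 characters")
    total = 1024 * 1024
    stream = (password * (total // len(password) + 1))[:total]
    return hashlib.md5(stream).digest()

def localize_key(ku: bytes, engine_id: bytes) -> bytes:
    """Bind Ku to one agent: Kul = MD5(Ku || snmpEngineID || Ku)."""
    return hashlib.md5(ku + engine_id + ku).digest()

def auth_tag(kul: bytes, message: bytes) -> bytes:
    """HMAC-MD5-96: the first 12 bytes of HMAC-MD5 over the message.

    In the real protocol the message is the whole serialized packet with
    the authentication field set to 12 zero bytes; here it is a stand-in.
    """
    return hmac.new(kul, message, hashlib.md5).digest()[:12]

def verify(kul: bytes, message: bytes, tag: bytes) -> bool:
    """Constant-time check of a received tag (integrity and authentication)."""
    return hmac.compare_digest(auth_tag(kul, message), tag)

# Constructed values for the illustration.
ENGINE_A = bytes.fromhex("000000000000000000000002")  # engine ID of the RFC 3414 A.3.1 test vector
ENGINE_B = bytes.fromhex("80001f8880aabbccdd")        # constructed second agent
MESSAGE = b"constructed stand-in for a serialized SNMPv3 message"

def demo():
    ku = password_to_key(b"asdasd123")                # passphrase used in the post
    key_a, key_b = localize_key(ku, ENGINE_A), localize_key(ku, ENGINE_B)
    tag = auth_tag(key_a, MESSAGE)
    return {
        "same_key_on_both_agents": key_a == key_b,
        "genuine_accepted": verify(key_a, MESSAGE, tag),
        "tampered_accepted": verify(key_a, MESSAGE + b"!", tag),
        "other_agent_accepts": verify(key_b, MESSAGE, tag),
    }

if __name__ == "__main__":
    for name, value in demo().items():
        print(f"{name}: {value}")
```

The passphrase itself never travels on the network, and a key recovered from one agent does not authenticate to another agent with a different engine ID. net-snmp also accepts SHA and AES in place of the MD5 and DES used in the post.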

In the next picture we see a Wireshark capture in which you can see that, indeed, after authentication the information travels encrypted, ensuring its integrity and confidentiality:



Greetings!

Tuesday, May 10, 2011


SNMP on Debian 6 Squeeze

Hello!

Following this series of articles on SNMP (Introduction, MIBs and messages), today we will see how to configure an SNMP agent on Debian 6 Squeeze. To install the service, the snmpd package must be installed:

# aptitude install snmpd

The configuration file we have to edit to adapt the agent to our requirements is /etc/snmp/snmpd.conf. However, the syntax of the file is not very comfortable, and the documentation that can be found on the Internet is aimed at older versions of the package. After I had spent a while fiddling with the file, my friend Alberto Molina advised me to take a look at the file /usr/share/doc/snmpd/README.Debian, which contains the following:

  The default configuration for snmpd is rather paranoid for security
  reasons. Edit /etc/snmp/snmpd.conf or run snmpconf to allow greater
  access.

  The snmpconf program provides a simple, menu driven way of configuring
  the snmp applications and daemons.

And the truth is that configuring the service with snmpconf is much simpler. To use it we have to install the snmp package, which contains several utilities:

# aptitude install snmp

And then we can launch it:

# snmpconf

The program asks questions to help us create the configuration file according to our needs. The first question is whether we want to reuse content from the existing configuration files. We can reuse snmp.conf and snmptrapd.conf.


Then it asks for the file we want to create, in our case snmpd.conf, and shows us the sections that make up the file so that we can fill them in. We start with the access control section:


If we are working with SNMP version 2 (the most common, but much less secure than SNMPv3), we must configure options 3 and/or 4 to create a read-only community and a read-write community.


If you choose option 3, it will ask for the name of the community, the addresses of the machines from which requests can be made to the snmpd agent, and the objects on which requests can be made.


And the same questions for option 4:


This would be a very basic (and very insecure) configuration, but it is enough to check the operation of the protocol on a Linux machine. We can now go back through the menus to exit the program:


Finally, we would have to restart the service:

# /etc/init.d/snmpd restart
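
A check for the two situations these posts describe, the read and read-write communities created with snmpconf and the read/write user line that net-snmp-config adds, as an added example that is not part of the original posts. It assumes the generated lines use the net-snmp directives rocommunity, rwcommunity, rouser and rwuser; the sample configuration is constructed.

```python
COMMUNITY_DIRECTIVES = {"rocommunity", "rwcommunity", "rocommunity6", "rwcommunity6"}
USER_DIRECTIVES = {"rouser", "rwuser"}

# Constructed sample, not taken from the posts.
SAMPLE_CONF = """\
# access control
rocommunity public
rwcommunity s3cret 192.168.1.0/24
rwuser test
rouser monitor priv
"""

def audit_snmpd_conf(text):
    """Return (line_number, directive, issue) tuples for risky access-control lines."""
    findings = []
    for lineno, raw in enumerate(text.splitlines(), 1):
        tokens = raw.split("#", 1)[0].split()      # drop comments, split on whitespace
        if len(tokens) < 2:
            continue
        directive, args = tokens[0].lower(), tokens[1:]
        issues = []
        if directive in COMMUNITY_DIRECTIVES:
            issues.append("community string is sent in clear text (SNMPv1/v2c)")
            if args[0].lower() in ("public", "private"):
                issues.append("well-known community name")
            if len(args) < 2 or args[1].lower() == "default":
                issues.append("no source address restriction")
        elif directive in USER_DIRECTIVES:
            if args[0] == "-s":                    # optional "-s SECMODEL" prefix
                args = args[2:]
            # The minimum level follows the user name; 'auth' is assumed when omitted.
            level = args[1].lower() if len(args) > 1 else "auth"
            if level != "priv":
                issues.append("encryption (authPriv) is not required, level is '%s'" % level)
        else:
            continue
        if directive.startswith("rw"):
            issues.append("grants write (Set) access")
        findings.extend((lineno, directive, issue) for issue in issues)
    return findings

if __name__ == "__main__":
    for lineno, directive, issue in audit_snmpd_conf(SAMPLE_CONF):
        print("line %d (%s): %s" % (lineno, directive, issue))
```

Run it against a copy of /etc/snmp/snmpd.conf by passing the file's text to audit_snmpd_conf.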

We can check that our agent works correctly with any NMS or MIB browser, such as BlackOwl MIB Browser:


In the next entries we will continue studying the SNMP protocol, focusing on the aspects related to its security.

Greetings!

Monday, May 9, 2011




Hello!

In the previous entries we gave an introduction to SNMP, studying its components and architecture, and went deeper into MIBs and the management information tree. Today we will focus on SNMP messages.

To achieve the goal of being a simple protocol, SNMP proposed a limited set of management commands and responses. The initial version of the protocol had only 5 operators:

  • Get, to obtain or read the value of one or more instances of an object.
  • GetNext, very similar to Get; it differs in that this operation gets the value of the next OID in the tree.
  • Set, to write or set the value of one or more instances of an object.
  • Trap, messages sent by agents to the NMS to report that a certain event has occurred.
  • Response, the replies from the agents to the NMS containing the requested values.

SNMPv2 introduced 2 new operators:

  • GetBulk, introduced as an enhancement over GetNext requests for when data has to be obtained from a table (such as the information on a computer's network interfaces or its routing table).
  • Inform, a message similar to Trap but which includes a confirmation from the NMS that it received the message.

GET / GET NEXT / GET BULK / SET


TRAP


INFORM

To see SNMP in action and make some Wireshark captures, we need an NMS and any SNMP device. For this you can use your home router, a switch or your own machine.

I will be using a Windows XP virtual machine on which I installed the SNMP service (Start -> Add/Remove Programs -> Add Windows Components -> Management and Monitoring Tools -> SNMP). Once installed, you can configure the agent and define its details. For example, we can set the contact, which will be the value of the sysContact object, or the location, which is the value of sysLocation, both in the system group.



If we go to the Security tab, we see that by default only the public community is created, with read-only rights. A community (community string) is something like a password in plain text (and therefore very insecure). In the next post we will discuss security and the SNMPv3 protocol.

We can create a new community with read and write rights:


Once the changes are made, we have to restart the service.

As NMS we will use the BlackOwl MIB Browser application. In the picture you can see how I selected the computer I am working on (typing its IP in the Host field), browsed the tree to the system group and performed three Get operations to obtain the values of the sysDescr, sysContact and sysLocation objects. As the community for read operations is set to public by default, there is nothing to configure:


As you can see, the values returned by the agent are the ones we set previously on the computer.

If you look, the sysLocation object can be modified from the NMS, as its access is read-write. Let's change it! To do so, we must give our NMS the agent's write community. We go to Properties, select SNMPv2 and enter the appropriate community string.




If we perform the Set operation on the sysLocation object, a new window pops up asking for the value to write to the agent:


If we go to the computer and look at the SNMP properties, we can check that the sysLocation value has indeed changed:


Finally, I leave a couple of pictures of the Wireshark capture of the Get operation on the sysContact object and the response from the agent:



CAUTION: After testing, you should disable or secure SNMP on your machines, lest they start doing strange things...

In the next article we will talk, precisely, about security and the SNMPv3 protocol.

Greetings!


Sources:
http://www3.rad.com/networks/applications/snmp/comp.htm
http://www.manageengine.com/network-monitoring/what-is-snmp.html

Sunday, May 8, 2011


III Introduction to SNMP SNMP II Introduction to Introduction to SNMP

Hello!

This post continues our study of the SNMP protocol. After the historical introduction and the study of the protocol's components and architecture in the previous post, today we focus on MIBs.

We saw in the previous post that each managed device contains an agent that accesses the physical device's information and makes it accessible (and, sometimes, configurable) to the NMS. For example, an agent might respond to a request by reporting the number of bytes transmitted by an interface. The variables that contain the devices' information are known as managed objects. A collection of managed objects is described in a document called a MIB, so you could say that the MIB files define the set of queries that an NMS can make to an agent.

The management information tree

All management information is defined so that each managed object in any MIB module, either standard or private, has a unique identifier, called an object identifier (OID). The OID is a string of integers separated by dots, which places the object at a logical node of a tree known as the management information tree. The integers represent the nodes in the path from the root to the object itself. Each node has a label, which is the integer associated with the node itself, and a brief description.

For historical reasons, some nodes remain that are irrelevant to us and make the object identifiers longer than necessary. The following figure shows the tree.


The objects that are of interest to us are those under the mib-2 node, those under the snmpV2 node and those under the enterprises node. We will see that related managed objects are organized into groups and subgroups, so that we do not have thousands of nodes hanging directly from the mib-2 node, for example.

To take a look at the management information tree, you can download a MIB browser such as tkmib, available in the Debian and Ubuntu repositories:

$ sudo aptitude install tkmib
$ tkmib &


If you navigate to the system group, within the mib-2 node, you will see all the managed objects in this group, such as sysDescr, sysUpTime, sysName, sysLocation...



The image shows how, on selecting the sysDescr object, we can see its OID, its type and access mode, its description...

There are 2 types of managed objects, scalar and tabular:

  • Scalar objects, such as sysUpTime, are those that can only return one result; they define a single instance of an object (a single leaf on the tree).
  • For tabular objects, however, there may be multiple instances (multiple leaves on the tree). Consider, for example, a device with multiple network cards: in this case there will be an instance of the ifSpeed object for each of the computer's cards.

In the next post we will continue to study the SNMP protocol, focusing on its messages and on the security of the protocol.

Greetings!

Sources:
http://www3.rad.com/networks/applications/snmp/comp.htm
http://www.manageengine.com/network-monitoring/what-is-snmp.html




Hello!

This week I will devote a number of entries to studying the SNMP protocol (Simple Network Management Protocol), based on the great article by Debby Koren, "Dean" of RAD University.

A historical review

Before the advent of SNMP, if you wanted to manage a set of network devices, you had to have stations dedicated to management, perhaps with multiple windows for different types of information (statistics, activity, etc.) that were specific to each manufacturer. In fact, it was rare for a manufacturer to have a common management station for all its devices.

There was no common protocol, but rather a lot of proprietary protocols. SNMP was developed to address this problem by offering a standardized network management protocol, so that a common technology could be used to exchange information consistently between different devices on the network, even those from different manufacturers.

Since the publication of the first SNMP RFC over 20 years ago, SNMP has been updated several times and has become a standard that is implemented in almost all network devices. Although it was designed with Internet elements in mind, you can find all kinds of devices that support it, such as air conditioners. You can also use SNMP to manage software systems. SNMP can be used to monitor, configure and obtain information from devices or programs using graphical interfaces in expensive management suites, free management software or even the CLI.

Components and Architecture

There are 4 basic components of SNMP:
  • Managed nodes or network elements, each of which has an agent.
  • At least one network management station (NMS).
  • Management information.
  • A network management protocol, used by the NMS and the agents to exchange management information.

A managed node can be any system, including a software system, that has some kind of network connectivity. In fact, early in the development of SNMP, with the aim of demonstrating the versatility of the protocol, the company Epilogue showed how you could use SNMP to manage a toaster.

The agent that each node contains implements the SNMP management protocol. The agent is able to send, receive and parse SNMP messages. The agent interacts with the physical device to obtain the information needed to answer the queries of the NMS and to send trap messages (notification messages). The agent is also able to make changes to the configuration of the device following the instructions in the NMS requests. Agents therefore need access control settings to manage read/write privileges.

A network management station (NMS) is a host that is capable of sending SNMP requests to the managed nodes and of receiving and parsing their responses and SNMP trap messages. There is a lot of commercial NMS software offering many features, such as the ability to "discover" the managed nodes of the network, display the nodes graphically on a network map using icons for each node type, display status information, statistics, etc.

The third component of SNMP is the management information, which is obviously the information exchanged between the agents and the NMS. We use the term managed object to refer to a unit of management information. Careful! Do not confuse a managed object with a managed device: they are not the same. A managed object is an abstract concept; it is the definition of a piece of information. For example, suppose you have a device that can change color: we could define a managed object called "color", and its corresponding definition would be "the color of the device."

A collection of related managed objects is defined in a document called a MIB module (Management Information Base). We will see that there are some standard MIB modules, called simply MIBs, that all SNMP devices must support. There are other standard MIB modules that must be supported only by devices for which the MIB is relevant, and other private MIBs, specific to a particular manufacturer, containing definitions of managed objects for its equipment.

For example, all SNMP manageable devices must have certain information, such as an IP address, to be considered compliant with the SNMP protocol; this information is defined in a standard MIB that all devices must support. If the device has an Ethernet interface, then it should be able to provide certain information, such as the number of collisions, and this information is defined in an Ethernet MIB that all devices with an Ethernet interface must support. Finally, a manufacturer of switches, for example, could offer a feature that makes its devices more attractive to customers: the switch can change color to blend into the closet. The manufacturer therefore has to offer a private MIB that contains a managed object for this purpose.

Therefore, MIBs contain managed objects representing the resources, configuration, status, etc. of a system. Managed objects are assigned values that represent them, but the object is not the value itself. For example, continuing with the managed object "color", its definition is "the color of the device" and its assigned value could be 0 for black, 1 for pink, 2 for gray, 3 for green, etc. In this case, the object would be an integer, and its value would represent the color. It is precisely the value of the managed object that would be monitored and modified by the NMS.

And this brings us to the last component of the management architecture: the network management protocol. But wait a moment, isn't this what we call 'SNMP'? Isn't SNMP the network management protocol? SNMP is that and more, as it defines the MIBs, the architecture and the protocol for exchanging messages. It is this last aspect, the message exchange protocol between the NMS and the managed nodes, including the message types and formats, that is called the network management protocol.

We will see in the next entries that there are several types of SNMP messages, which allow the NMS to read and/or write information and allow agents to send trap messages to notify or raise an alarm about a certain situation.


Management Architecture


SNMP uses a client-server architecture, as shown in the figure below:



As the NMS initiates the SNMP requests, while the agents in the different managed devices (router, switch, server and toaster) passively await these queries, we can say that the NMS is the client and the agents are the servers. Agents listen for requests on UDP port 161.

However, the SNMP management protocol also includes traps. As already mentioned, traps are unsolicited messages that the agents send to the NMS to report unusual events or alarms about a given situation. As the agent is the one who initiates the communication, in this case the agents are the clients and the NMS is the server, listening on UDP port 162.


In the next posts we will continue talking about SNMP, going deeper into MIBs, the management messages and the security of the protocol.

Greetings!

Wednesday, May 4, 2011


BY WAY OF PRESENTATION PRESENTATIONS



This blog is designed to engage the work of students studying the subject of Education and Society in the Faculty of Education of Toledo. It also includes resources shared by Diploma of Education students from New Technologies Applied to Education.

It includes research on related topics, presentations, book reviews, blogs and websites designed by students.