# become root su - root; # rpm based yum install nmap # apt based apt install nmap # find snmp enabled devices # (UDP port 161, can not be tested with telnet (can only do TCP)) nmap -sU -p 161 --script default,snmp-sysdescr 192.168.0.0/24
Simple Network Management Protocol (SNMP) is an Internet Standard protocol for collecting and organizing information about managed devices on IP networks and for modifying that information to change device behavior. Devices that typically support SNMP include cable modems, routers, switches, servers, workstations, printers, and more.
the goal: OVERVIEW over NETWORK DEVICES
every good admin(s) HAVE to do it (except the very lazy and unprofessional ones).
- generate some sort of overview over all network devices
- their IP address
- password logins
after all the goal is: to get a nice web based overview over ALL network devices (also non snmp enabled devices… if they react on ANY port)
and yes: maybe even monitor device health.
that was the goal of snmp v1 v2 and v3.
a simple goal by bad design and implementation just become overly complicated task only hacker pros can accomplish.
observium test: what one ends up with is: not much
after a setup on CentOS7 failed (nice they got a tutorial but it seems not to be well tested because what one ends up with is apache2 missconfiguration css mime type plain text mess (apache2 is also a complex BEAST to configure))
so went for https://www.turnkeylinux.org/observium
(thanks for providing this, NICE! 512MByte of RAM enough, really DO NOT NEED fail2ban or virtualmin but well… X-D)
if one wants to use this appliance.ova this in virtualbox, make sure to:
- import the ova via File -> import Appliance (went well in virtualbox 5.1.18)
- immediately afterwards (before starting the vm) go to media manager and clone the harddisk.vmdk (virtualbox does not handle this vmware format well) to a harddisk.vdi
- swap vm’s harddisk from harddisk.vmdk (can be deleted afterwards) to harddisk.vdi
- now one can safely startup the appliance and it runs fast and sleak
but then… noooooo! X-D
observium fail: it is said to have a nice auto discovery feature… well maybe… had to find snmp devices via above nmap then add them manually via their IP address (mac did not work)
… a list of all brother printers and scanners (better than nothing but surely not enough to monitor the network properly).
what is outstanding: is the amount of information and also yes it is a nice overview.
uptime of printer X… nice to know, but what is it good for X-D
while it is nice to now… when the last print job was done… and the amount of printed pages over time… and how toner levels change over time…
what about that USB connected APC USV?
what about that intel server mainboard?
what about that cisco switch? (and all the other devices)
why is it so complicated?
toner levels: actually it is more a guessing than measuring here
because imho brother instead of actually measuring the toner contents simply counts down… and if one manually resets the toner page countdown … one can keep printing for quiet a while and save a lot of toner… SHAME ON BROTHER! great devices especially the older mfc 9465 but toner countdown to death instead of actual sensors = maximizing profits on the toner resale market while making people throw away a lot of toner = waste!!! NOT OKAY!)