SNMP is available on almost every network device such as switches, routers, servers, desktops and laptops. It is a feature provided by the operating system on these devices. Since it is so prevalent and across so many platforms, it is a significant risk to an environment if the SNMP configuration is enabled and the defaults are not changed, a malicious hacker could gain a lot of information and possibly control an organization’s infrastructure with little or no notice by the affected organization.

It is critical that each sysadmin and netadmin understand this service/protocol. It is not something to be taken lightly. Device configurations can be changed using SNMP. Data can be sniffed, redirected and decoded using SNMP. The upside of SNMP is it can be used effectively as a warning system of system/network issues. Thresholds can be monitored and notifications sent before the users detect any issues. Trend analysis can be performed based on historical data.

Here’s a sampling of some SNMP resources to help you gain a better understanding of this protocol/service that is likely already running on your network but not being monitored.

SNMP Link Org – a portal to all things SNMP; has news, software, appliance information and other SNMP related resources.

SNMP Wikipedia article – a great page with links to many SNMP resources

GetIF – a nice free SNMP tool that I use occasionally to quickly watch some SNMP MIBs on devices

What SNMP tools do you like that are easy to use and available for other administrators to use?

Thanks for reading & let’s continue to be good network citizens.

What this means, is that ARP is not a protocol that is easily blocked or disabled on a network. This is as designed but this also means that attackers can use this protocol for malicious activities. It is important that you understand the ARP protocol and the ways it is used and the dangers associated with it.

Laura Chappell, the BitGirl, has created a new tutorial on using ARP to scan networks which may be firewalled or ICMP pings are blocked. ARP will permit you – and attackers – to find hosts on the network. Take some time and watch this short video and gain some valuable insights into ARP.

Watch Chappell University – Ethical Hacking with NetScanTools Pro – ARP Scanning

Thanks for your time and let’s be good network citizens!