SNMP is an indispensable tool for network administrators: its purpose is to assist the administrator with network management. It is operated differently on different systems, however. This article covers how the SNMP protocol is operated on Windows and Linux systems.
Windows SNMP protocol
SNMP, the Simple Network Management Protocol, was proposed to solve the problem of managing routers on the Internet. In the Windows operating system it acts as an agent that collects information that can be reported to an SNMP management station or console. The SNMP service allows the system to collect data and to manage Windows 2000/XP/2003-based computers throughout the network.
In general, SNMP messages are sent in plain text, and these messages are easily intercepted and decoded by network analyzers such as Microsoft Network Monitor. Unauthorized users can capture community names and use them to obtain important information about network resources. For a service such as SNMP, therefore, you must attend to its security before it can be used widely and effectively.
To protect SNMP from unauthorized activity, we need to apply a series of security measures on the system, such as using the IP Security protocol (IPsec) to protect SNMP communication. Create an IPsec policy on the system that protects communications on TCP and UDP ports 161 and 162 in order to secure the SNMP service.
Step 1: Select "Start > Control Panel > Administrative Tools > Local Security Policy", right-click "IP Security Policies on Local Computer" in the left pane, and select "Manage IP filter lists and filter actions".
Step 2: Select the "Manage IP Filter Lists" tab and click "Add". In the "IP Filter List" dialog box, enter "port 161/162" in the "Name" box and "port 161/162 filter" in the "Description" box. Clear the "Use Add Wizard" check box, and then click "Add". On the "Addressing" tab of the IP Filter Properties dialog box that appears, select "Any IP Address" in the "Source address" box. In the "Destination address" box, select "My IP Address", and select the "Mirrored" check box so that packets with exactly the opposite source and destination addresses are also matched.
Step 3: Click the "Protocol" tab and select "UDP" under "Select a protocol type". In the "Set the IP protocol port" area, select "From this port" and enter 161. Select "To this port", enter 161, and click "OK". In the "IP Filter List" dialog box, click "Add" and add port 162 in the same way.
Linux SNMP protocol
The Simple Network Management Protocol (SNMP) was first proposed by a research group of the Internet Engineering Task Force (IETF) to solve the problem of managing routers on the Internet. The database in a managed device is seldom called a database; in SNMP terms it is usually called the Management Information Base (MIB).
A MIB describes the objects or table entries contained in the database. Each object or table entry has the following four attributes:
◆ Object Type
◆ Syntax
◆ Access
◆ Status
These attributes are defined in the Structure and Identification of Management Information (SMI; RFC 1155/1065), one of the SNMP specifications. SMI is to the MIB what a schema is to a database: SMI defines what each object "looks like".
Object Type
This attribute defines the name of a specific object, such as sysUpTime. It is just a label. To represent data, SMI uses ASN.1 (Abstract Syntax Notation One). Each object must be "identified". For the Internet management MIB, identifiers expressed in ASN.1 notation begin with the following:
internet OBJECT IDENTIFIER ::= { iso org(3) dod(6) 1 }
Or use a simple format: 1.3.6.1
This is extracted from the ASN.1 document. It defines a tree format for the identifier. The tree is composed of a root and many labeled nodes connected to it. Each node is identified by a non-negative integer value and a text description as concise as possible. Each node may also have sub-nodes that are also marked.
An OBJECT IDENTIFIER can be written in several formats. The simplest is to list the integers found by traversing the tree from the root to the object in question. Starting from the root level, there are three nodes:
◆ ccitt (0)
◆ iso (1)
◆ joint-iso-cci
That is all we will cover about the Linux SNMP protocol this time.