How to determine whether the SNMP service of the remote host is enabled

Source: Internet
Author: User

One thing we have done in recent days: Determine whether the remote host has enabled the SNMP service. At first, I thought this was not a very difficult task, but most of the things in the world would be counterproductive. As we went deeper, this problem began to show her face. (Haha, I 've read more about terrorism novels recently ).


At the beginning, I thought this was a common problem. To further understand this problem, I sent an inquiry message to the remote host through standard SNMP, for example, MIB are sysdesc nodes, such
If the SNMP service is not installed on the host, I get a timeout response. If I use an incorrect community, I will also get
Timeout response. I want to differentiate the two cases.


At first, I think the third-party jar packages for SNMP may have solved this problem, such as snmp4j, a well-received open-source project. However, the applicable API is not found. Fail again
Mail sent to snmp4j after defeat
List sends a mail to ask this question and soon gets a reply: cannot distinguish them (with any SNMP
Entity), because that is behavior is the desired
One. Why? Why? Suddenly I realized that the damn SNMP protocol is UDP (161,162 ). The damn UDP protocol is extremely irresponsible but effective.
Rate protocol, in simple words, is that you only send, UDP port only receive, as to whether to receive, or receive is a wrong packet, it will not tell you, it is not guaranteed that the sent messages will be received (compared with TCP
Protocol, such as three-way handshake ). This means that after you use the wrong community, you cannot expect SNMP to tell you that you will only get a timeout.


Okay, this path failed, but I know the root cause is that SNMP uses the UDP protocol, so start with UDP port detection. Google, I recommend! UDP port detection is troublesome. A foreigner has an article:
Trouble with UDP port scanning,
The lecture is very thorough. The basic principle for UDP port detection is: if a packet is sent to an unenabled UDP port, the system where the port is located will send a port that cannot reach the ICMP packet,
1. This ICMP packet is not forcibly sent and will not be sent by some systems. 2. This message may be confiscated by the firewall of the host. There are several other factors. In short, there is a lot of uncertainty in UDP port detection!


So far, this problem has not been solved, and the Nmap tool is very powerful!

This article only records this unfinished question. If there is any result, continue writing. Later, go to bed ......

Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

  • Sales Support

    1 on 1 presale consultation

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.