Presentation is loading. Please wait.

Presentation is loading. Please wait.

ECE-6612 Prof. John A. Copeland 404 894-5177 Office: Klaus 3362 or call.

Published byAudra Townsend Modified over 9 years ago

Similar presentations

Presentation on theme: "ECE-6612 Prof. John A. Copeland 404 894-5177 Office: Klaus 3362 or call."— Presentation transcript:

1 ECE-6612 http://www.csc.gatech.edu/copeland/jac/6612/ Prof. John A. Copeland john.copeland@ece.gatech.edu 404 894-5177 Office: Klaus 3362 email or call for office visit Chap 8: SNMP - Simple Network Mgmt Protocol Includes copies of figures from Chap. 8 of “Network Security Essentials, Applications and Standards” by William Stallings

2 2 An integrated collection of tools for network monitoring and control. Single operator interface. Minimal amount of separate equipment – software and network communications capability built into the existingequipment. The primary parts are: Management station (central control, has a “agent”) Management agents (software in network equipment) Management Information Base (MIB) Network management protocol (rules for communication) Network Management Architecture

3 3

4 4 “SNMP Management Station” - central control. It can set parameters and collect information from the “SNMP Agents” located on the controlled network systems. “Proxy” – an add-on box to add SNMP features to a network unit (router, modem, PC, …) that does not have built-in SNMP capability. “Trap” – an unsolicited message, perhaps reporting an alarm condition (to UDP port 162). “Intermediate Management Station” - for distributed control. It can set parameters and collect information from the Agents on a local region of the network. Only the more important information would be passed up to the Management Station. SNMP Terminology

5 5 SNMP v1, v2, and v3 SNMPv1 (version 1) is “connectionless” since it utilizes UDP (rather than TCP) as the transport layer protocol. SNMPv2 allows the use of TCP for “reliable, connection-oriented” service. Problems with SNMP v1 addressed by version 2: Lack of support for distributed network management. Functional deficiencies - v2 can use TCP/IP and Novell IPX Problem addressed by version 3: Security - version 1 used a community name as a password. Version 3 adds encryption, and host authentication,

6 6 The Role of SNMP

7 7 Proxy Configuration

8 8 SNMP v3 – a Security Add-on SNMP v3 “engine” operating at the Application Layer: On outgoing PDU’s inserts authentication codes (MACs), encrypts certain fields, encapsulates the PDU into a message for transmission. For incoming messages (from the Transport Layer) performs authentication verification, decryption, and extracts PDU’s from the message to pass up to the SNMP applications above. Security Subsystem- performs the authentication and encryption tasks.

9 9 SNMP Protocol Architecture

10 10 SNMPv3 PDU with User Security Model (USM)

11 11 Messages Use the Management Info. Base (MIB) and ASN.1 (Abstract Syntax Notation) Objects (Parameters ) are expressed as leaves on the MIB tree. Object Object ID (OID) +--iso(1).1 +--org(3).1.3 +--dod(6).1.3.6 +--internet(1).1.3.6.1 +--directory(1).1.3.6.1.1 +--mgmt(2).1.3.6.1.2 | +--mib-2(1).1.3.6.1.2.1 | +--transmission(10).1.3.6.1.2.10 +--experimental(3).1.3.6.1.3 +--private(4).1.3.6.1.4 | +--enterprises(1).1.3.6.1.4.1 [next number is company ID]* +--security(5).1.3.6.1.5 +--snmpV2(6).1.3.6.1.6 +--snmpDomains(1).1.3.6.1.6.1 +--snmpProxys(2).1.3.6.1.6.2 +--snmpModules(3).1.3.6.1.6.3 * when a company gets a number from IANA, it can extend the tree to cover a new system.

12 12 trap_server.pl 9/26/04 22:45 [data has the form: 30(length), (6)OID, (42) value or (44) string] From: 209.128.181.100 Mon Sep 27 21:24:26 EDT 2004 Len: 82 1 26 - 294 Version: 2 Domain: public Reg_ID: 391 Error: 0 Index: 0 Byte: 29 Type: 30 0 82 1 9 - 265 Byte: 33 Type: 30 1 f - 15 Byte: 35 Type: 6 1.1.3.6.1.2.1.1.3.0 System Up Time (0.01 s) Byte: 45 Type: 43 1 1977555 -> sysUpTime = 19775.55 s Byte: 50 Type: 30 1 1c - 28 Byte: 52 Type: 6 2.1.3.6.1.6.3.1.1.4.1.0 Type of Event Byte: 64 Type: 6 2.1.3.6.1.4.1.8712.4.1.1.2.1.7.5 Indicates that the IP has a profile violation. -> snmpTrapOID = swCoreEventOOP Byte: 80 Type: 30 2 2a - 42 Byte: 82 Type: 6 3.1.3.6.1.4.1.8712.4.1.1.2.1.1.1 Byte: 98 Type: 44 3 StealthWatch+Therminator -> stealthwatchCoreConfig = StealthWatch+Therminator Byte: 124 Type: 30 3 16 - 22 Byte: 126 Type: 6 4.1.3.6.1.4.1.8712.4.1.1.2.1.6.1.1 The unique alarm identifier (serial no). Byte: 143 Type: 42 4 207986 -> stealthwatchCoreAlarmsId = 207986 Byte: 148 Type: 30 4 22 - 34 Byte: 150 Type: 6 5.1.3.6.1.4.1.8712.4.1.1.2.1.6.1.3 Host Ip Address of [that caused] the alarm. Byte: 167 Type: 44 5 209.182.185.012 -> stealthwatchCoreAlarmsHost = 209.182.185.012 Decoding a UDP Trap Message

13 13 To work with SNMP messages on a unix system, install the Net- SNMP utilitys, available at “www.net-snmp.org A number of standard MIBs will then be found in /usr/share/snmp/mibs To look up Enterprise Numbers, go to Web site of the Internet Assigned Numbers Authority (IANA), “www.iana.org/assignments/enterprise-numbers”. The “List of Lists” at “www.iana.org/numbers.html” is a wonderful body of information on all the Internet assigned numbers (protocols, ports, IPs vs. area, AS numbers,...). For information on ASN.1 - “www.cs.columbia.edu/~hgs/internet/asn.1.html” RFC’s on SNMP: 788, 1098, 1215, 1442, 1592, 1906, 2578. To get them, use “www.ietf.org/rfc/rfc.txt” Sources of SNMP Information on the Web

Download ppt "ECE-6612 Prof. John A. Copeland 404 894-5177 Office: Klaus 3362 or call."

Similar presentations

Henric Johnson1 Chapter 12 Network Management Security Henric Johnson Blekinge Institute of Technology, Sweden

Henric Johnson1 Chapter 12 Network Management Security Henric Johnson Blekinge Institute of Technology, Sweden
Net Security1 Chapter 8 Network Management Security Henric Johnson Blekinge Institute of Technology, Sweden Revised by Andrew Yang.

Net Security1 Chapter 8 Network Management Security Henric Johnson Blekinge Institute of Technology, Sweden Revised by Andrew Yang.
Chapter 19: Network Management Business Data Communications, 5e.

Chapter 19: Network Management Business Data Communications, 5e.
Natting NATTING. Private vs Public IP Addresses Whatever connects directly into Internet must have public (globally unique) IP address There is a shortage.

Natting NATTING. Private vs Public IP Addresses Whatever connects directly into Internet must have public (globally unique) IP address There is a shortage.
TCP/IP Protocol Suite 1 Copyright © The McGraw-Hill Companies, Inc. Permission required for reproduction or display. Chapter 24 Network Management: SNMP.

TCP/IP Protocol Suite 1 Copyright © The McGraw-Hill Companies, Inc. Permission required for reproduction or display. Chapter 24 Network Management: SNMP.
1 ITC242 – Introduction to Data Communications Week 12 Topic 18 Chapter 19 Network Management.

1 ITC242 – Introduction to Data Communications Week 12 Topic 18 Chapter 19 Network Management.
TCP/IP Protocol Suite 1 Chapter 21 Upon completion you will be able to: Network Management: SNMP Understand the SNMP manager and the SNMP agent Understand.

TCP/IP Protocol Suite 1 Chapter 21 Upon completion you will be able to: Network Management: SNMP Understand the SNMP manager and the SNMP agent Understand.
CSEE W4140 Networking Laboratory Lecture 11: SNMP Jong Yul Kim 04.19.2010.

CSEE W4140 Networking Laboratory Lecture 11: SNMP Jong Yul Kim
NS-H0503-02/11041 SNMP. NS-H0503-02/11042 Outline Basic Concepts of SNMP SNMPv1 Community Facility SNMPv3 Recommended Reading and WEB Sites.

NS-H /11041 SNMP. NS-H /11042 Outline Basic Concepts of SNMP SNMPv1 Community Facility SNMPv3 Recommended Reading and WEB Sites.
Network Management Definition ...deploying and coordinating resources in order to plan, operate, administer, analyze, evaluate, design and expand communication.

Network Management Definition "...deploying and coordinating resources in order to plan, operate, administer, analyze, evaluate, design and expand communication.
1 System support & Management Protocols Lesson 13 NETS2150/2850 School of Information Technologies.

1 System support & Management Protocols Lesson 13 NETS2150/2850 School of Information Technologies.
COMP4690, by Dr Xiaowen Chu, HKBU

COMP4690, by Dr Xiaowen Chu, HKBU
SNMP Simple Network Management Protocol

SNMP Simple Network Management Protocol
Introduction to SNMP AfNOG 11, Kigali/Rwanda.

Introduction to SNMP AfNOG 11, Kigali/Rwanda.
ENS 1 SNMP M Clements. ENS 2 Simple Network Management Protocol Manages elements in networks – E.g. routers, switches, IP phones, printers etc. Uses manager.

ENS 1 SNMP M Clements. ENS 2 Simple Network Management Protocol Manages elements in networks – E.g. routers, switches, IP phones, printers etc. Uses manager.
Chapter Overview TCP/IP Protocols IP Addressing.

Chapter Overview TCP/IP Protocols IP Addressing.
Chapter 6 Overview Simple Network Management Protocol

Chapter 6 Overview Simple Network Management Protocol
McGraw-Hill The McGraw-Hill Companies, Inc., 2000 SNMP Simple Network Management Protocol.

McGraw-Hill The McGraw-Hill Companies, Inc., 2000 SNMP Simple Network Management Protocol.
TCP/IP Protocol Suite 1 Chapter 21 Upon completion you will be able to: Network Management: SNMP Understand the SNMP manager and the SNMP agent Understand.

TCP/IP Protocol Suite 1 Chapter 21 Upon completion you will be able to: Network Management: SNMP Understand the SNMP manager and the SNMP agent Understand.
SNMP Management. 2 Overview u Growth of network size led to need for management techniques u Five main areas u Configuration management u Deals with installing,

SNMP Management. 2 Overview u Growth of network size led to need for management techniques u Five main areas u Configuration management u Deals with installing,

Similar presentations

Ads by Google