ETC[NETWORK] How to install and configure SNMP

Robert
Dec/17/2018 12:02
view counts 118



Hi!


This time, let's look at how to install and configure SNMP on the server.

If you are wondering what SNMP protocol is, see the link below!


Link:   [NETWORK] What is Simple Network Management Protocol (SNMP)?


In this post, you will learn how to install and configure SNMP packages on a Linux-based server (CentOS)

I'm just going to show you how to set up on a configuration file.



1. Installing SMMP


To use SNMP, you must first check whether the SNMP package is installed on the server.

If it is installed after confirmed the installation, so only modify the SNMP configuration file. Otherwise, We will install the new package.

There are many ways to install packages on a Linux server, but if the server is able to communicate with the Internet, you can install it via the most commonly used "yum" or "rpm" commands!


  1) Check if SNMP package is installed

  • Check if SNMP package is installed by rpm command
## Use the rpm -qa command to verify that the snmp package is installed.
## If nothing is installed, a blank prompt will be printed.

[root @ localhost ~] # rpm -qa | grep snmp 
[root @ localhost ~] #


  2) Install the SNMP package

  • The following packages are required to install SNMP packages.


net-snmp.x86_64    and      net-snmp-utils   


  • Use the yum command to install the package.
## Automatically install the necessary packages through the yum command.
## Use the yum command to automatically install any other files required when installing the snmp package.

[root @ localhost ~] # yum -y install net-snmp.x86_64
 ...
[root @ localhost ~] #  yum -y install net-snmp-utils
 ...


  • Use the rpm command to verify that the package was successfully installed.
[root @ localhost ~] # rpm -qa | grep snmp 
net-snmp-utils-5.5-60.el6.x86_64
net-snmp-5.5-60.el6.x86_64
net-snmp-libs-5.5-60.el6.x86_64 
[root @ localhost ~] #



2. Configure SNMP


Once the SNMP installation is complete, you need to modify the SNMP configuration file so that the SNMP Manager can retrieve the system information.

There are a lot of ways to set it up on the Internet, but in this post, I'll just give you an easy and simple way to set it up.


  1) Modify SNMP configuration file

  • The SNMP configuration file is /etc/snmp/snmpd.conf . 
  • Modify the contents of the file to set community value/host/read/write permission.
  • Back up the original files before changing the settings.
## Change the name of the conf file that is set by default at installation. 
## Back up the built-in settings.

[root @ localhost ~] # mv /etc/snmp/snmpd.conf /etc/snmp/snmpd.conf.default 
[root @ localhost ~] # cd / etc / snmp 
[root @ localhost ~] # ls -al 
total 36
drwxr-xr-x 2 root root 4096 Dec 12 11:33.
drwxr-xr-x. 82 root root 4096 Dec 12 10:52 ..
-rw ------- 1 root root 18861 Oct 16 2017 snmp.conf.default
-rw ------- 1 root root 220 Mar 22 2017 snmptrapd.conf
[root @ localhost snmp] #


  • Create a new SNMP configuration file and add the settings.
## Generate configuration file to read information when SNMP process starts

[root @ localhost ~] # echo rocommunity public >> /etc/snmp/snmpd.conf 
[root @ localhost ~] # cd / etc / snmp 
[root @ localhost snmp] # ls -al 
total 36
drwxr-xr-x 2 root root 4096 Dec 12 11:33.
drwxr-xr-x. 82 root root 4096 Dec 12 10:52 ..
-rw ------- 1 root root 18861 Oct 16 2017 snmp.conf 
-rw ------- 1 root root 18861 Oct 16 2017 snmp.conf.default
-rw ------- 1 root root 220 Mar 22 2017 snmptrapd.conf
[root @ localhost snmp] # cat  /etc/snmp/snmpd.conf
 rocommunity public
[root @ localhost snmp] #


  • Run SNMP process after completed.
[root @ localhost snmp] # service snmpd start 
Starting snmpd: [   OK   ]
[root @ localhost snmp] #


3. Test the SMMP configuration


When you have finished about install and configure SNMP, you should test whether you can actually import system information.

You can test whether the system information is loaded through the following information.


  1) SNMP test

  • Each part of the snmpwalk command has the following meanings.

"Call the system information using the SNMPv2c protocol whose community value is public on the localhost (127.0.0.1) server! "


  • To verify that system information is loaded normally via SNMP, you can use the command snmpwalk.


[root @ localhost ~] # snmpwalk -v 2c -c public localhost system
SNMPv2-MIB :: sysDescr.0 = STRING: Linux logcenter2 2.6.32-431.el6.x86_64 # 1 SMP Fri Nov 22 03:15:09 UTC 2013 x86_64
SNMPv2-MIB :: sysObjectID.0 = OID: NET-SNMP-MIB :: netSnmpAgentOIDs.10
DISMAN-EVENT-MIB :: sysUpTimeInstance = Timeticks: (510) 0: 00: 05.10
SNMPv2-MIB :: sysContact.0 = STRING: root @ localhost
SNMPv2-MIB :: sysName.0 = STRING: logcenter2
SNMPv2-MIB :: sysLocation.0 = STRING: Unknown
SNMPv2-MIB :: sysORLastChange.0 = Timeticks: (39) 0: 00: 00.39
SNMPv2-MIB :: sysORID.1 = OID: SNMP-MPD-MIB :: snmpMPDMIBObjects.3.1.1
SNMPv2-MIB :: sysORID.2 = OID: SNMP-USER-BASED-SM-MIB :: usmMIBCompliance
SNMPv2-MIB :: sysORID.3 = OID: SNMP-FRAMEWORK-MIB :: snmpFrameworkMIBCompliance
SNMPv2-MIB :: sysORID.4 = OID: SNMPv2-MIB :: snmpMIB
SNMPv2-MIB :: sysORID.5 = OID: TCP-MIB :: tcpMIB
SNMPv2-MIB :: sysORID.6 = OID: IP-MIB :: ip
SNMPv2-MIB :: sysORID.7 = OID: UDP-MIB :: udpMIB
SNMPv2-MIB :: sysORID.8 = OID: SNMP-VIEW-BASED-ACM-MIB :: vacmBasicGroup
SNMPv2-MIB :: sysORDescr.1 = STRING: The MIB for Message Processing and Dispatching.
SNMPv2-MIB :: sysORDescr.2 = STRING: The MIB for Message Processing and Dispatching.
SNMPv2-MIB :: sysORDescr.3 = STRING: The SNMP Management Architecture MIB.
SNMPv2-MIB :: sysORDescr.4 = STRING: The MIB module for SNMPv2 entities
SNMPv2-MIB :: sysORDescr.5 = STRING: The MIB module for managing TCP implementations
SNMPv2-MIB :: sysORDescr.6 = STRING: The MIB module for managing IP and ICMP implementations
SNMPv2-MIB :: sysORDescr.7 = STRING: The MIB module for managing UDP implementations
SNMPv2-MIB :: sysORDescr.8 = STRING: View-based Access Control Model for SNMP.
SNMPv2-MIB :: sysORUpTime.1 = Timeticks: (39) 0: 00: 00.39
SNMPv2-MIB :: sysORUpTime.2 = Timeticks: (39) 0: 00: 00.39
SNMPv2-MIB :: sysORUpTime.3 = Timeticks: (39) 0: 00: 00.39
SNMPv2-MIB :: sysORUpTime.4 = Timeticks: (39) 0: 00: 00.39
SNMPv2-MIB :: sysORUpTime.5 = Timeticks: (39) 0: 00: 00.39
SNMPv2-MIB :: sysORUpTime.6 = Timeticks: (39) 0: 00: 00.39
SNMPv2-MIB :: sysORUpTime.7 = Timeticks: (39) 0: 00: 00.39
SNMPv2-MIB :: sysORUpTime.8 = Timeticks: (39) 0: 00: 00.39


  • If SNMP is installed and set up properly, system-related information will be output as above.



So far, we have seen how to install and configure SNMP in a very simple way.

But there are precautions you should remember.



caution!   This setup method is as simple as possible for those who install and configure SNMP for the first time. So it is very insecure in a state that is exposed to attacks from internal and external.
In actual use, you must set security for each operating environment and use it!




The vulnerability of SNMP and its countermeasures will be discussed in the next post ~


0 0