#snmp — Public Fediverse posts

And I also, with #Claude's help, created MACWatch to solve a huge multi-branch network problem. Utility camps out in my office, scans my entire SD/WAN and uses #SNMP off my #Cisco #Catalysts, tracks everything it's seen in #Sqlite DB, and that gives me a solid place to investigate what my coworkers have plugged into my network. Rogue AP? Not anymore! It tells me what switch, what port, the MAC, and the #OUI manufacturer based on the #IEEE database. No hiding, no lying, no problem!

Простой мониторинг Synology NAS с Grafana и Prometheus

Всем привет! Храню 7 терабайт фото и видео у себя дома на Synology DS224+ с DSM 7.3+ Это сетевое хранилище поддерживает Docker. Я дополнительно установил плашку памяти и теперь у меня 18 ГБ ОЗУ. Но суть в том, что ночами я слышу "булькание" и "шуршание" дисков, кстати диски красные, прямо созданные под сетевые хранилища: WD120EFBX-68B0EN0 две штуки по 12 ТБ с зеркалированием. И у меня возник такой страх, а что если мои файлы что-то форматирует, а я просто лежу и не знаю об этом. И я начал поиски репозиториев на GitHub, посмотрел как делают другие, мне как обычно ничего не подошло и я решил создать свой проект, который полностью меня устраивает. Выложил проект в репозиторий

https://habr.com/ru/articles/1030450/

#synology_nas #мониторинг_сервера #grafana #prometheus #snmp #dsm #selfhosted #домашний_сервер #nas

What is SNMP Security and Exploitation: A Comprehensive Guide

In this article, I cover how SNMP exploitation works, common vulnerabilities, and how to properly secure it.
https://denizhalil.com/2026/01/21/snmp-security-exploitation-guide

#CyberSecurity #SNMP #NetworkSecurity #InfoSec #InfrastructureSecurity #BlueTeam #RedTeam #Pentesting #ITSecurity #SecurityEngineering #DenizHalil

What is SNMP Security and Exploitation: A Comprehensive Guide

In this article, I cover how SNMP exploitation works, common vulnerabilities, and how to properly secure it.
https://denizhalil.com/2026/01/21/snmp-security-exploitation-guide

#CyberSecurity #SNMP #NetworkSecurity #InfoSec #InfrastructureSecurity #BlueTeam #RedTeam #Pentesting #ITSecurity #SecurityEngineering #DenizHalil

What is SNMP Security and Exploitation: A Comprehensive Guide

In this article, I cover how SNMP exploitation works, common vulnerabilities, and how to properly secure it.
https://denizhalil.com/2026/01/21/snmp-security-exploitation-guide

#CyberSecurity #SNMP #NetworkSecurity #InfoSec #InfrastructureSecurity #BlueTeam #RedTeam #Pentesting #ITSecurity #SecurityEngineering #DenizHalil

What is SNMP Security and Exploitation: A Comprehensive Guide

In this article, I cover how SNMP exploitation works, common vulnerabilities, and how to properly secure it.
https://denizhalil.com/2026/01/21/snmp-security-exploitation-guide

#CyberSecurity #SNMP #NetworkSecurity #InfoSec #InfrastructureSecurity #BlueTeam #RedTeam #Pentesting #ITSecurity #SecurityEngineering #DenizHalil

What is SNMP Security and Exploitation: A Comprehensive Guide

In this article, I cover how SNMP exploitation works, common vulnerabilities, and how to properly secure it.
https://denizhalil.com/2026/01/21/snmp-security-exploitation-guide

#CyberSecurity #SNMP #NetworkSecurity #InfoSec #InfrastructureSecurity #BlueTeam #RedTeam #Pentesting #ITSecurity #SecurityEngineering #DenizHalil

Zabbix : supervision des équipements réseaux avec le protocole SNMPv3 https://www.it-connect.fr/tuto-zabbix-supervision-reseau-snmpv3/ #Supervision #Zabbix #Cisco #SNMP

Doing some #netconf stuff recently and I have to say building these queries against your network device is better than I have imagined. The main pain point for me is to find the correct model yang model path. It feels exactly like finding proper values in the #snmp mib . Any tips ? #cisco #devops #netdev

Собираем 1 000 000 метрик в секунду с сетевых устройств

«Бди!» — сказал Козьма Прутков. И действительно, как инженер я считаю важным бдительно следить за показателями сетевых устройств, да и не только сетевых. На связи Александр Балезин из отдела сетевой разработки Yandex Infrastructure. Сегодня расскажу о нашем новом коллекторе метрик с сетевых устройств, о том как мы к нему пришли и о системах вокруг сетевых метрик.

https://habr.com/ru/companies/yandex_cloud_and_infra/articles/1017028/

#snmp #коллектор #observability #телеметрия #NETCONF #gNMI

With a bit of delay, but #syslog_ng 4.11.0 is now available in @fedora #Rawhide. Support for #snmp is enabled again.

Petite introduction sur les réseaux IP et les sockets tirée du stream Twitch d'hier avant de se lancer dans le codage d'un exemple d'utilisation de socket en UDP.

https://videos.apprendre-delphi.fr/w/c8sYdWJAdyiHNtzRrnFNwk
(aussi dispo sur YouTube)

Aujourd'hui on tentera de comprendre le fonctionnement de SNMP et de discuter avec mon imprimante réseau. Si tout se passe bien, vendredi et samedi on transforme l'essai en composant pour VCL/FMX afin de surveiller les imprimantes réseau par drag & drop dans n'importe quel projet.
(et plus tard je coderai la version UDP de la "socket messaging library for Delphi")

#Delphi #Socket #Network #IP #TCP #UDP #SNMP

Joder, se me había llenado el disco de uno de los servidores... en algún momento debería cargar una tool de monitoreo, no?

En casa de herrero 😅

#gnu #linux #management #snmp

RE: https://social.heinlein-support.de/@heinleinsupport/115967519382845243

Ich hab da mal kurz was aufgeschrieben:

#Checkmk #Redfish #SNMP

Was sind die Vorteile von #Redfish gegenüber hersteller­spezifischem #SNMP oder #IPMI? Und wie funktioniert Redfish im Zusammenspiel mit einem #Checkmk-Monitoring? All das zeigt Checkmk-Profi und Linux-Consultant Robert Sander in einem kurzen How-to in unserem Expertise-Blog.

👉 https://www.heinlein-support.de/blog/redfish-statt-hersteller-spezifischem-snmp-oder-ipmi

Alles Wichtige über Checkmk lernen Sie von Robert übrigens regelmäßig in seiner Schulung für Fortgeschrittene an der Heinlein Akademie.

#LinuxConsulting #Systemmonitoring #HeinleinAkademie

One of the projects today, read data from #OPNSense via #SNMP using #Telegraf and saving the data to #InfluxDB

Now to try and whip up some nice GUI for this in my #Custom #PHP system that sits behind the firewall.

Productive day, the day before (Icelandic) #Christmas

[Перевод] Как настроить прием SNMP-трапов в Zabbix

Всем привет! Мы делаем проекты по Zabbix, накопили большую экспертизу и решили сделать переводы нескольких статей, которые нам показались интересными и полезными. Наверняка, будут полезны и вам. Также своим опытом делимся в телеграм-канале zabbix_ru , где вы можете найти полезные материалы и записи наших вебинаров, опубликованных на нашем ютуб-канале (прим. переводчика). Ниже ссылки на предыдущие статьи из цикла. Миграция с MySQL на PostgreSQL SELinux: интеграция с Zabbix и другими инструментами Защита от ложных срабатываний триггеров в Zabbix с использованием функций min/max/avg Zabbix – автоматизация управления пользователями (JIT) Двухфакторная аутентификация (2FA) в Zabbix 7.0 В этой статье мы покажем вам, как настроить прием SNMP-трапов в Zabbix в операционной системе RHEL 9, как для SNMPv2, так и для SNMPv3! Этот процесс идентичен как для Zabbix Server, так и для Zabbix Proxy, и в случае использования HA его необходимо повторить на всех узлах кластера. Подробности под катом.

https://habr.com/ru/articles/970710/

#zabbix #gals_software #snmp #snmp_trap

Can’t argue with that. #nerd #homelab #snmp

(I snipped the grey line from the legend when I took the screenshot — it’s percent IPv4)

Declaring success on a home project to collect telemetry from network devices. An exporter that slurps SNMP metrics from everything in my house that provides them, annotated with labels for Prometheus.

Scratches an itch I’ve tried to ignore for ages, where the pre-existing snmp_exporter downloadable from GitHub needed hackery to expose IPv6 stats, and didn’t work properly with the cheap Cisco SG300-10 switches I’ve had for the last ten years or so because IF-MIB on those switches returns “Gigabit Ethernet” instead of the port ID in ifDescr on all ports, making it hard to map port id to ifIndex.

My new one works with everything in my homelab without needing extra config or customization — several flavors of Cisco, HP, Netgear, and bsnmpd on Linux and FreeBSD. Written in Go, using parallelism so a full scan of the network is performed on all targets simultaneously and takes as long as the slowest device (in my case: The aforementioned SG300-10’s)

My raspberry-pi prometheus server now has about 1500 extra time series. Can add more MIBs relatively easily if needed.

I reacquainted myself with my loathing for ASN.1 during this project, enough to abandon it and use other methods of OID discovery like everyone else does. ASN.1 should have died in a fire a long time ago. To a large extent, it’s driven the existence of streaming telemetry over gRPC. (Only one of my network devices supports that though, so SNMP at least gets points for ubiquity)
#nerd #homelab #snmp

We’ve published new research from the EU co-funded project NGSOTI: “Learning from large-scale IPv4 blackhole: Behavioral analysis of SNMP traffic”.

Over a 12-month period (Nov 2024–Oct 2025), our network telescope captured ~634 million unsolicited SNMP queries from more than 153,000 unique IPv4 sources scanning an unused /18 block.

The origins of the traffic are globally distributed, with notable concentrations from Indonesia, China, the United States, Germany, Chile and others, as well as a few outliers generating unusually high volumes. A significant portion of the scanning activity can also be attributed to infrastructure belonging to commercial threat-intelligence and scanning companies, providing useful context on what constitutes “expected” background noise.

The analysis covers SNMP version usage (v1/v2c overwhelmingly dominant, minimal v3), community-string patterns (default, weak, and undocumented strings), and OIDs that point to which device vendors are most scanned.

This dataset provides insight into real-world reconnaissance trends targeting SNMP-capable infrastructure, helping defenders better understand background noise and scanning behaviours.

🔗 Full report: https://d4-project.org/2025/11/27/Learning-from-Large-Scale-IPv4-blackhole-behavioral-analysis-of-SNMP-traffic.html

🔗 PDF version: https://d4-project.org/assets/behavioral-analysis-of-snmp-traffic.pdf

Co-funded by European Cybersecurity Competence Centre (ECCC) under the NGSOTI project.

#cybersecurity #networkanalysis #cybersecurity #snmp #network #internet #dfir

"#Hackers Deploy #Linux #Rootkits via #Cisco #SNMP Flaw in 'Zero Disco' Attacks"

https://thehackernews.com/2025/10/hackers-deploy-linux-rootkits-via-cisco.html

In all my years in cybersecurity, I've always felt SNMP was not a good idea & should be turned off.
I know many network admins will dislike me saying that but I always turn it off.
Even the version with tacked on security #SNMPv3 has had #Vulnerabilities & many places run older SNMP & not v3.
I feel maybe it's time for something new.

#CyberSecurityNews #CyberSecurity #TechNews #Networking

Hackers are exploiting a RCE flaw in Cisco IOS/IOS XE SNMP (CVE-2025-20352) to deploy a persistent Linux rootkit on older switches (9400, 9300, 3750G).The rootkit bypasses AAA/VTY ACLs, hides configs, and deletes logs for evasion. Operation tracked as 'Zero Disco.'

https://www.bleepingcomputer.com/news/security/hackers-exploit-cisco-snmp-flaw-to-deploy-rootkit-on-switches/

#Cisco #SNMP #RCE #Rootkit #InfoSec #CyberSecurity #ZeroDay

One misconfigured SNMP string on a Cisco switch can give hackers a secret backdoor. Are you sure your network is safe? Dive into the hidden world of rootkit threats and learn how to defend against them.

https://thedefendopsdiaries.com/mitigating-cisco-snmp-rootkit-threats-exploitation-detection-and-defense/

#cisco
#snmp
#rootkit
#networksecurity
#cyberthreats

🛠️ Tool
===================

Opening:
Ducky is an open-source desktop networking application that aggregates a suite of common network utilities into a single graphical interface. The project targets network engineers, students and enthusiasts who prefer a consolidated GUI environment rather than multiple command-line tools.

Key Features:
• Multi-Protocol Terminal: integrated tabbed terminal supporting SSH, Telnet and Serial (COM) sessions.
• SNMP Topology Mapper: automatic discovery via ping and SNMP sweep with a color-coded graphical map and clickable device details.
• Network Diagnostics: includes a subnet calculator, network monitor (ping, traceroute) and a multi-threaded port scanner for concurrency.
• Security Toolkit: NIST CVE lookup integration, password strength checks and file hashing functions (MD5, SHA1, SHA256, SHA512).
• UX Features: rich-text dockable notepad, theme support (dark/light) and customizable terminal colors and fonts.

Technical Implementation:
• The application is implemented in Python and built on Qt for Python (PySide6) to provide a cross-platform desktop GUI.
• SNMP discovery is described as combining ICMP (ping) sweeps with SNMP queries to populate topology metadata and device type classification for map visualization.
• The port scanner is described as multi-threaded to improve scan throughput across target ranges; hashing and CVE lookup leverage local functions and NIST API queries respectively.

Use Cases:
• Rapid network inventory and topology visualization for small-to-medium environments.
• Day-to-day diagnostics: reachability checks, traceroute paths and targeted port scans.
• Quick vulnerability lookups via NIST CVE integration during triage.

Limitations:
• The repository notes Python 3.8+ as the runtime baseline and uses PySide6, which implies dependency on the Python runtime and Qt bindings.
• As a desktop GUI tool, headless or automated CI/CD integration is not a primary design goal.
• No centralized enterprise management or agent architecture is described; scalability for very large networks is not addressed.

References:
• Project repository metadata lists Python and PySide6 as core technologies and highlights the included modules: SSH/Telnet/Serial, SNMP, port scanner, CVE lookup and hashing utilities.

🔹 tool #python #snmp #ssh #gui

🔗 Source: https://github.com/thecmdguy/Ducky

Configurar e instalar Akvorado 2.0 Netflow https://blog.elhacker.net/2025/10/instalar-configurar-akvorado-2-netflow-exporter-grafana-dashboard.html #Networking #akvorado #tutorial #grafana #netflow #docker #manual #sflow #snmp

The Internet Last Week

* .pt TLD TCP service degradation
https://dnsmon.ripe.net/pt?start=2025-09-21T00:00:00.000Z&end=2025-09-27T23:59:00.000Z&zone=pt.&protocol=tcp
* .int TLD TCP service degradation
https://dnsmon.ripe.net/int?start=2025-09-21T00:00:00.000Z&end=2025-09-27T23:59:00.000Z&zone=int.&protocol=tcp
* Cisco IOS SNMP Vulnerability CVE-2025-20352
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-snmp-x4LPhte
* Docker Hub service issues
https://www.dockerstatus.com/pages/incident/533c6539221ae15e3f000031/68d47a2f93c09e05486d93a9

#DNS #SNMP #Cisco #Docker

Ataki DoS lub RCE możliwe poprzez protokół SNMP w urządzeniach Cisco

Dosłownie chwilę temu ostrzegaliśmy o aktywnych podatnościach CVE-2025-20362 i CVE-2025-20333 w Cisco ASA. Teraz firma Cisco informuje o błędzie, który pozwala – za pośrednictwem protokołu SNMP – na DoS (ang. Denial of Service) lub RCE (ang. Remote Code Execution) na produkowanych przez siebie urządzeniach. Podatność otrzymała identyfikator CVE-2025-20352 i wycenę CVSS na poziomie wysokim (7.7)....

#WBiegu #Cisco #Cve #Rce #Snmp

https://sekurak.pl/ataki-dos-lub-rce-mozliwe-poprzez-protokol-snmp-w-urzadzeniach-cisco/

SSH is my secure lifeline. Encrypted remote access to configure anything, anywhere. SNMP is the network's health monitor, gathering stats in the background from devices. Just please, for uptime's sake, don't use SNMP v1/2c (no encryption)! Use v3. Your network requires secrets. #SSH #SNMP #Networking #SysAdmin #DevOps

This Week in Security: Randomness is Hard, SNMP Shouldn’t Be Public, and GitHub Malware Delivery https://hackaday.com/2025/09/26/this-week-in-security-randomness-is-hard-snmp-shouldnt-be-public-and-github-malware-delivery/ #ThisWeekinSecurity #HackadayColumns #SecurityHacks #randomness #SNMP #BMC

This Week in Security: Randomness is Hard, SNMP Shouldn’t Be Public, and GitHub Malware Delivery - Randomness is hard. To be precise, without dedicated hardware, randomness is impos... - https://hackaday.com/2025/09/26/this-week-in-security-randomness-is-hard-snmp-shouldnt-be-public-and-github-malware-delivery/ #thisweekinsecurity #hackadaycolumns #securityhacks #randomness #snmp #bmc

OpenNMS Horizon 34.0, пробую новый релиз на практике

Привет Хабр! 13 августа 2025 года вышел новый релиз OpenNMS Horizon (открытой системы мониторинга сетей и сервисов, NMS). Версия 34.0.0 стала первым крупным обновлением в ветке 34.x. Не буду пересказывать все технические детали, с ними всегда можно ознакомиться на сайте проекта. Важно другое, OpenNMS распространяется под лицензией AGPLv3 и является полностью open source. Помимо этого, существует продукт OpenNMS Meridian , подписочная услуга с коммерческими планами, поддержкой и SLA. Однако, с учётом текущей ситуации, в России коммерческая версия вряд ли доступна. Почему же тогда стоит говорить об OpenNMS?

https://habr.com/ru/articles/946146/

#OpenNMS #Horizon_3400 #Мониторинг_сети #SNMP #ICMP #Системное_администрирование #Network_Monitoring #Open_Source #Облачные_вычисления #Информационная_безопасность