Damn, the disk on one of the servers had filled up on me... at some point I should set up a monitoring tool, shouldn't I?
The cobbler's children go barefoot 😅
Automating Microsoft Windows Server with Ansible requires secure remote access. SSH is a good fit here because of its encryption. In this blog post I show how to install the OpenSSH server on Windows (using the CLI), and I also show the installation and configuration of the SNMP service with an Ansible role for Microsoft Windows and Debian GNU/Linux.
RE: https://social.heinlein-support.de/@heinleinsupport/115967519382845243
I just quickly wrote something up on this:
What are the advantages of #Redfish over vendor-specific #SNMP or #IPMI? And how does Redfish work together with #Checkmk monitoring? Checkmk pro and Linux consultant Robert Sander shows all of this in a short how-to on our expertise blog.
👉 https://www.heinlein-support.de/blog/redfish-statt-hersteller-spezifischem-snmp-oder-ipmi
By the way, you can regularly learn everything important about Checkmk from Robert in his advanced training course at the Heinlein Akademie.
SNMPv3 and SNMPv3 traps configuration #snmp
#debian packages for snmptrapd to fix CVE-2025-68615 are now available for sid. Forky should be soon once it gets through the sid->forky transfer.
A back-patch for trixie is in-progress and should be available soon, it will be off for checking in a few hours.
The cross-platform **Snmp-Browser** application, with an intuitive interface, helps manage and monitor network devices via SNMP. It was developed on top of the snmpy library to simplify communication with UPSes and other devices, addressing the difficulty of installing existing software. Open source on GitHub! Please share your feedback!
#SNMP #QuảnLýMạng #PhầnMềmMở #DevTools #NetworkMonitoring #ViệcLàmGiốngMà #SideProject #SourceCode #CôngNghệMới
https://www.reddit.com/r/SideProject/comments/1pot0fj/snmpwaresnmpbrows
[Translation] How to set up SNMP trap reception in Zabbix
Hello everyone! We do Zabbix projects, have built up considerable expertise, and decided to translate several articles that we found interesting and useful. They will surely be useful to you too. We also share our experience in the Telegram channel zabbix_ru, where you can find useful materials and recordings of our webinars published on our YouTube channel (translator's note). Below are links to the previous articles in the series.
• Migration from MySQL to PostgreSQL
• SELinux: integration with Zabbix and other tools
• Protection against false trigger firings in Zabbix using the min/max/avg functions
• Zabbix: automating user management (JIT)
• Two-factor authentication (2FA) in Zabbix 7.0
In this article we will show you how to set up SNMP trap reception in Zabbix on the RHEL 9 operating system, for both SNMPv2 and SNMPv3! The process is identical for Zabbix Server and Zabbix Proxy, and when HA is used it must be repeated on all cluster nodes. Details below the cut.
I yet again find myself writing SNMP code and I wonder where I went wrong with my life.
We’ve published new research from the EU co-funded project NGSOTI: “Learning from large-scale IPv4 blackhole: Behavioral analysis of SNMP traffic”.
Over a 12-month period (Nov 2024–Oct 2025), our network telescope captured ~634 million unsolicited SNMP queries from more than 153,000 unique IPv4 sources scanning an unused /18 block.
The origins of the traffic are globally distributed, with notable concentrations from Indonesia, China, the United States, Germany, Chile and others, as well as a few outliers generating unusually high volumes. A significant portion of the scanning activity can also be attributed to infrastructure belonging to commercial threat-intelligence and scanning companies, providing useful context on what constitutes “expected” background noise.
The analysis covers SNMP version usage (v1/v2c overwhelmingly dominant, minimal v3), community-string patterns (default, weak, and undocumented strings), and OIDs that point to which device vendors are most scanned.
This dataset provides insight into real-world reconnaissance trends targeting SNMP-capable infrastructure, helping defenders better understand background noise and scanning behaviours.
🔗 Full report: https://d4-project.org/2025/11/27/Learning-from-Large-Scale-IPv4-blackhole-behavioral-analysis-of-SNMP-traffic.html
🔗 PDF version: https://d4-project.org/assets/behavioral-analysis-of-snmp-traffic.pdf
Co-funded by European Cybersecurity Competence Centre (ECCC) under the NGSOTI project.
#cybersecurity #networkanalysis #cybersecurity #snmp #network #internet #dfir
Argh, that's still kind of a pain, though: https://dev.freebox.fr/bugs/task/3577
I wanted that #snmp, I did ;)
"#Hackers Deploy #Linux #Rootkits via #Cisco #SNMP Flaw in 'Zero Disco' Attacks"
https://thehackernews.com/2025/10/hackers-deploy-linux-rootkits-via-cisco.html
In all my years in cybersecurity, I've always felt SNMP was not a good idea & should be turned off.
I know many network admins will dislike me saying that but I always turn it off.
Even the version with tacked on security #SNMPv3 has had #Vulnerabilities & many places run older SNMP & not v3.
I feel maybe it's time for something new.
Threat brief: Operation ZeroDisco — Cisco SNMP zero-day exploited to deploy rootkits
Summary: CVE-2025-20352 (SNMP stack overflow) is being chained with a modified CVE-2017-3881 Telnet exploit to remotely write memory and deliver a rootkit impacting Cisco 9400/9300/3750G series. Indicators: sudden universal password containing disco, hidden running-config differences, disabled log history, unexpected UDP listeners on closed ports, unexplained VLAN bridging. No reliable automated scanner exists yet - escalate to Cisco TAC and initiate low-level firmware/ROM inspection if suspected. Prioritize patching, isolate legacy gear, and monitor SNMP/Telnet telemetry and VLAN changes. Share detections back to the community and follow TechNadu for consolidated IOCs.
#CVE2025 #ZeroDisco #Cisco #Rootkit #SNMP #VLAN #IoTSecurity #ThreatIntel #PatchManagement #TechNadu
Hackers are exploiting an RCE flaw in Cisco IOS/IOS XE SNMP (CVE-2025-20352) to deploy a persistent Linux rootkit on older switches (9400, 9300, 3750G). The rootkit bypasses AAA/VTY ACLs, hides configs, and deletes logs for evasion. Operation tracked as 'Zero Disco.'
One misconfigured SNMP string on a Cisco switch can give hackers a secret backdoor. Are you sure your network is safe? Dive into the hidden world of rootkit threats and learn how to defend against them.
🛠️ Tool
===================
Opening:
Ducky is an open-source desktop networking application that aggregates a suite of common network utilities into a single graphical interface. The project targets network engineers, students and enthusiasts who prefer a consolidated GUI environment rather than multiple command-line tools.
Key Features:
• Multi-Protocol Terminal: integrated tabbed terminal supporting SSH, Telnet and Serial (COM) sessions.
• SNMP Topology Mapper: automatic discovery via ping and SNMP sweep with a color-coded graphical map and clickable device details.
• Network Diagnostics: includes a subnet calculator, network monitor (ping, traceroute) and a multi-threaded port scanner for concurrency.
• Security Toolkit: NIST CVE lookup integration, password strength checks and file hashing functions (MD5, SHA1, SHA256, SHA512).
• UX Features: rich-text dockable notepad, theme support (dark/light) and customizable terminal colors and fonts.
Technical Implementation:
• The application is implemented in Python and built on Qt for Python (PySide6) to provide a cross-platform desktop GUI.
• SNMP discovery is described as combining ICMP (ping) sweeps with SNMP queries to populate topology metadata and device type classification for map visualization.
• The port scanner is described as multi-threaded to improve scan throughput across target ranges; hashing and CVE lookup leverage local functions and NIST API queries respectively.
Use Cases:
• Rapid network inventory and topology visualization for small-to-medium environments.
• Day-to-day diagnostics: reachability checks, traceroute paths and targeted port scans.
• Quick vulnerability lookups via NIST CVE integration during triage.
Limitations:
• The repository notes Python 3.8+ as the runtime baseline and uses PySide6, which implies dependency on the Python runtime and Qt bindings.
• As a desktop GUI tool, headless or automated CI/CD integration is not a primary design goal.
• No centralized enterprise management or agent architecture is described; scalability for very large networks is not addressed.
References:
• Project repository metadata lists Python and PySide6 as core technologies and highlights the included modules: SSH/Telnet/Serial, SNMP, port scanner, CVE lookup and hashing utilities.
🔹 tool #python #snmp #ssh #gui
🔗 Source: https://github.com/thecmdguy/Ducky
Facing downtime due to network misconfigurations or hidden issues?
Manual monitoring can’t catch everything in real time.
Versitron SNMP-enabled gigabit Ethernet switches provide detailed insights, helping prevent disruptions.
What tools or methods do you use to keep your network stable? Share your tips!
#Versitron #SNMP #GigabitSwitch #NetworkMonitoring #MissionReady
Versitron Gigabit Ethernet Switch with SNMP
Stay in control with Versitron SNMP-enabled gigabit Ethernet switches! Track performance, receive alerts, and manage your network remotely with ease. How do you optimize monitoring across your infrastructure?