> The answer to your question is No.
> 1. I want to Perform an SNMP request in SNMP agent. return 0 if the
> connect succeeded.
> 2. I want to be able to see how many times people from outside tried to
> get into the devices also
>
> I know my script is wrong , but her is what I come up with so far:
>
> LIST = 'ypcat hosts|| sort | awk '{print $2}''
> for Devices in $LIST
> do
> Errorcount=`snmpget -v1 -c privator $Devices snmpInBadCommunityNames.O
> |awk '{print $4}' `
>
> if [ Errorcount >= 0 ]; then
> echo "Devices=0"
> echo "$sysdate $Devices" >> /tmp/hosthistory.txt
>
> fi
> done
>
> I feel like I forced the devices to be zero.
> My next question is how would I know if the device been hacked or tried
> to be hacked ?
to see if your snmpget worked, you need to check $? immediately after the
snmpget. it will be 0 if snmpget was happy, not 0 if it had a problem.
checking snmp for bad community requests is not a very useful way to check
for hacking. snmp should either be restricted to known management ip
addresses, or use snmp v3 with encryption and authentication.
_______________________________________________
PLUG mailing list
[email protected]
http://lists.pdxlinux.org/mailman/listinfo/plug
