Good morning All, I want to keep track on all my devices using snmp. Any intrusion on the devices. Any ideas? thanks
-----Original Message----- From: [email protected] [mailto:[email protected]] On Behalf Of Joe Pruett Sent: Wednesday, October 21, 2009 3:01 PM To: General Linux/UNIX discussion and help;civil and on-topic Subject: Re: [PLUG] shell scripting > The answer to your question is No. > 1. I want to Perform an SNMP request in SNMP agent. return 0 if the > connect succeeded. > 2. I want to be able to see how many times people from outside tried to > get into the devices also > > I know my script is wrong , but her is what I come up with so far: > > LIST = 'ypcat hosts|| sort | awk '{print $2}'' > for Devices in $LIST > do > Errorcount=`snmpget -v1 -c privator $Devices snmpInBadCommunityNames.O > |awk '{print $4}' ` > > if [ Errorcount >= 0 ]; then > echo "Devices=0" > echo "$sysdate $Devices" >> /tmp/hosthistory.txt > > fi > done > > I feel like I forced the devices to be zero. > My next question is how would I know if the device been hacked or tried > to be hacked ? to see if your snmpget worked, you need to check $? immediately after the snmpget. it will be 0 if snmpget was happy, not 0 if it had a problem. checking snmp for bad community requests is not a very useful way to check for hacking. snmp should either be restricted to known management ip addresses, or use snmp v3 with encryption and authentication. _______________________________________________ PLUG mailing list [email protected] http://lists.pdxlinux.org/mailman/listinfo/plug ____________________________________________________________________________ EMAIL DISCLAIMER: This email and any attachments thereto may contain private, confidential, and privileged material for the sole use of the intended recipient. Any review, copying, or distribution of this email (or any attachments thereto) by other than the intended recipient is strictly prohibited. If you are not the intended recipient, please contact the sender immediately and permanently delete the original and any copies of this email and any attachments thereto. _____________________________________________________________________________ _______________________________________________ PLUG mailing list [email protected] http://lists.pdxlinux.org/mailman/listinfo/plug
