Skip to content

SNMP – The Missing MIB

by on September 18, 2013

image_thumb.png

Introduction

Many users of SNMP Network Management Tools / Penetration Test Tools, may find that recent versions of software including the popular SNMPwalk appear to be missing MIBs, or that previously available information is now mysterious missing.  This is more prominent on Debian or Ubuntu based systems (any system that compiles from source like Gentoo , appear unaffected).  This is additionally important for Penetration Tester Professionals that have an exam or governing body that ensures they know how to use SNMP, to extract information that may aid in compromise of an affected server with default community strings.  Strange!  Well apparently there is a good reason…

Debian GNU/Linux is probably the only Linux distriution that has the largest software repository. However the default installation for Debian only includes the ‘main’ (or free) repository which is directly maintained by the Debian community and fulfills the Debian Free Software Guidelines (DFSG).

The two other repositories ‘contrib’ and ‘non-free’ are not enabled by default as it contains software that either does not meet DFSG requirements or depends on library or packages which does not meet DFSG requiments. SNMP-MIBS now fall under non-free category!

How to enable contrib and non-free repositories in Debian

As ‘root’ you need to edit /etc/apt/sources.lst

Then add ‘contrib’ and ‘non free’ at the end of each line that begins with “deb” and “deb-src” just like the example:

deb http://http.us.debian.org/debian squeeze main contrib non-free
deb http://security.debian.org squeeze/updates main contrib non-free

Updating SNMP and Downloading All MIBS

To get back you missing MIBs perform an apt-get update and follow the instructions below:

% apt-get install snmp
% apt-get install snmp-mibs-downloader

To configure net-snmp command-line to use the MIBS, edit /etc/snmp/snmp.conf and comment out the following line:

mibs :

To update the MIBS to latest versions run the following command as root:

 % download-mibs

If you have a SNMP server running on localhost, with Community string ‘public’, you can test if MIBs are working properly like this:

 % snmpwalk -v1 -c public 192.168.1.234 .
 SNMPv2-MIB::sysDescr.0 = STRING: Linux vulnbox 2.6.32 #2 SMP Fri Oct 13 10:03:39 BST 2013 i686
 SNMPv2-MIB::sysObjectID.0 = OID: NET-SNMP-MIB::netSnmpAgentOIDs.10
 DISMAN-EVENT-MIB::sysUpTimeInstance = Timeticks: (141766) 0:23:37.66
 SNMPv2-MIB::sysContact.0 = STRING: Me <me@example.org>
 ...
Leave a Comment

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

%d bloggers like this: