SNMP over SSH
Many monitoring softwares like EM7, Nagios need SNMP service running on servers to be monitored. However administrator or security admin never want to make SNMP running on their production servers because of Security issues. Here is workaround for this issue. We will run SNMP through SSH (encrypted) channel and will make it secured.
We will be using few terms here:
1. Producer: The Server which you want to Monitor running net-snmp
2. Proxy: Accessible to Both to Monitoring Server (MS) and to the Producer. Proxy machine will be in local network of MS.
3. MS: Monitoring Server
Prerequisites:
socat should be installed on
Scenario:
I want to monitor my Personal System from MS. I have setup Firewall to access my system. In that Only port 22 is open. You cannot access SNMP running on my personal system directly. So I have setup one Proxy Machine i.e. ABC which is accessible to MS and you can access my machine from ABC also.
Proxy Machine: ABC 10.0.0.1
On Proxy Machine:
ssh -f -N root@ -L 6004:localhost:6004
Start TCP to UDP socat on Producer:
socat -d -d -d -lffoo.log TCP4-LISTEN:6004,fork UDP4:localhost:161
Start UDP to TCP socat on Proxy:
socat -d -d -d -lffoo.log UDP4-LISTEN:161,fork TCP:localhost:6004
Test by running snmpwalk on Proxy Machine:
snmpwalk -v1 -c public localhost
Now use port 161 of Proxy machine to access SNMP data of Producer and start monitoring it.
reference:linuxforums
We will be using few terms here:
1. Producer: The Server which you want to Monitor running net-snmp
2. Proxy: Accessible to Both to Monitoring Server (MS) and to the Producer. Proxy machine will be in local network of MS.
3. MS: Monitoring Server
Prerequisites:
socat should be installed on
Scenario:
I want to monitor my Personal System from MS. I have setup Firewall to access my system. In that Only port 22 is open. You cannot access SNMP running on my personal system directly. So I have setup one Proxy Machine i.e. ABC which is accessible to MS and you can access my machine from ABC also.
Proxy Machine: ABC 10.0.0.1
On Proxy Machine:
ssh -f -N root@
Start TCP to UDP socat on Producer:
socat -d -d -d -lffoo.log TCP4-LISTEN:6004,fork UDP4:localhost:161
Start UDP to TCP socat on Proxy:
socat -d -d -d -lffoo.log UDP4-LISTEN:161,fork TCP:localhost:6004
Test by running snmpwalk on Proxy Machine:
snmpwalk -v1 -c public localhost
Now use port 161 of Proxy machine to access SNMP data of Producer and start monitoring it.
reference:linuxforums
0 komentar: