SNMP

SNMP (Simple Network Management Protocol) is a widely used application-layer protocol for monitoring and managing networked devices such as routers, switches, printers, and servers. It allows network administrators to query device status, configure settings, and receive alerts (traps) for specific events. It operates over UDP for fast communication.

Key Components of SNMP

• SNMP Manager – Central system that queries and manages network devices.

• SNMP Agent – Software running on network devices that responds to SNMP queries.

• Management Information Base (MIB) – Structured database of managed objects.

• Object Identifier (OID) – Unique identifier for each MIB object.

Versions of SNMP

• SNMPv1 – Basic version with no encryption.

• SNMPv2c – Improved performance with bulk requests, still no security.

• SNMPv3 – Adds authentication and encryption for security.

Ports Used in SNMP

Port 161 – Used for SNMP queries; Port 162 – Used for SNMP traps (alerts).

SNMP Enumeration Techniques

• Identify SNMP-enabled devices.

• Extract system details (OS, uptime, hardware info).

• Identify SNMP community strings.

• Retrieve network configurations (IP, routing tables).

• Collect user and group information.

• Identify running services and applications.

nmap -sU -sV -p 161 [IP]
nmap -sU -sV -p 161 --script snmp-brute [IP]
nmap -sU -sV -p 161 --script snmp-* [IP] -oN snmp_info.txt

# snmpwalk
snmpwalk -v 1 -c public [IP]