Information Gatheringsnmpnetworkmanagementmonitoringmibtrapagent

net-snmp

Net-SNMP provides tools and libraries for SNMP protocol operations, including querying network devices, sending traps, and managing SNMP agents for information exchange between servers and clients.

Description

The Simple Network Management Protocol (SNMP) enables management information exchange between agents (servers) and clients. Net-SNMP offers a comprehensive suite of command-line tools for SNMP operations like querying device information (snmpget, snmpwalk), sending notifications (snmptrap, snmpinform), and configuring agents (snmpd, snmptrapd). It includes libraries for development, Perl bindings, and utilities for SNMPv3 user management and view-based access control.

Use cases include network monitoring, device discovery, performance data collection, and trap handling for alerts. Tools support SNMPv1, v2c, and v3 with authentication/privacy options. Development files aid custom SNMP applications, while MIB parsing resolves OIDs to textual descriptions.

Key packages cover trap handling (libnetsnmptrapd45), base MIBs/documentation (libsnmp-base), core library (libsnmp45), applications (snmp), agent daemon (snmpd), trap receiver (snmptrapd), and graphical MIB browser (tkmib).

How It Works

Net-SNMP implements SNMP protocol standards for GET/SET/GETNEXT/GETBULK requests/responses, trap/inform notifications, and agent operations. Tools encode/decode ASN.1 BER packets, parse MIBs for OID resolution, and handle SNMPv3 USM (User-based Security Model) with MD5/SHA auth and DES/AES privacy. Agents (snmpd) expose MIB variables via UDP/161, process requests, and generate traps via UDP/162. Trap receiver (snmptrapd) logs/decodes incoming notifications. MIB2C generates agent extension code from MIB definitions.

Installation

bash

sudo apt install snmp

Flags

-v 1|2c|3SNMP version to use (1, 2c, or 3)

-c COMMUNITYCommunity string for SNMPv1/v2c (e.g. public, private)

-u USERSNMPv3 security username

-l LEVELSNMPv3 security level: noAuthNoPriv, authNoPriv, authPriv

-a PROTOCOLSNMPv3 auth protocol: MD5, SHA, SHA-256, SHA-512

-A PASSPHRASESNMPv3 authentication passphrase

-x PROTOCOLSNMPv3 privacy protocol: DES, AES, AES-192, AES-256

-X PASSPHRASESNMPv3 privacy passphrase

-OnPrint OIDs numerically instead of symbolically

-t TIMEOUTSet request timeout in seconds

Examples

Walk entire SNMP MIB tree on target using community string public (v2c)

snmpwalk -v2c -c public 192.168.1.1 .1

Get system description OID — reveals OS, version, and hardware info

snmpget -v2c -c public 192.168.1.1 sysDescr.0

Enumerate all running processes on target via SNMP HOST-RESOURCES-MIB

snmpwalk -v2c -c public 192.168.1.1 hrSWRunName

List all network interfaces on the target device

snmpwalk -v2c -c public 192.168.1.1 ifDescr

Modify SNMP writable OID using write community string (tests write access)

snmpset -v2c -c private 192.168.1.1 sysContact.0 s admin@corp.com

Send a linkDown trap to an SNMP manager (useful for testing trap receivers)

snmptrap -v2c -c public 192.168.1.1 0 linkDown

Bulk-walk system subtree with 25 max-repetitions for faster enumeration

snmpbulkwalk -v2c -c public -Cn0 -Cr25 192.168.1.1 system

Brute-force SNMP community strings across multiple targets

onesixtyone -c community.txt -i targets.txt

Updated 2026-04-16kali.org ↗