This wiki has been migrated to https://gitlab.com/wireshark/wireshark/-/wikis/home and is now deprecated. Please use that site instead.
Differences between revisions 4 and 5
Revision 4 as of 2005-03-25 23:24:55
Size: 5925
Editor: GuyHarris
Comment: Note that ATM's ILMI is SNMP.
Revision 5 as of 2005-04-02 01:02:13
Size: 6029
Editor: GuyHarris
Comment: Add capture filters, add missing ''.
Deletions are marked like this. Additions are marked like this.
Line 40: Line 40:
 Capture SNMP traffic over the default ports (161 and 162): {{{
 udp port 161 or udp port 162 }}}
Line 58: Line 61:
 * [http://www.ietf.org/rfc/rfc1444.txt RFC 1444] ''Conformance Statements for version 2 of the Simple Network Management Protocol (SNMPv2)  * [http://www.ietf.org/rfc/rfc1444.txt RFC 1444] ''Conformance Statements for version 2 of the Simple Network Management Protocol (SNMPv2)''

Simple Network Management Protocol (SNMP)

SNMP is used to monitor and manage devices on a network.

History

XXX - add a brief description of SNMP history

Protocol dependencies

Typically, SNMP uses ["UDP"] as its transport protocol. The well known UDP port for SNMP traffic is 161/162. It can also run over ["TCP"], ["Ethernet"], ["IPX"], and other protocols. ["ATM"] uses SNMP as its ["ILMI"] (Integrated Local Management Interface) protocol.

Example traffic

XXX - Add example traffic here (as plain text or Ethereal screenshot).

Ethereal

The SNMP dissector is fully functional.

Preference Settings

Ethereal's SNMP protocol preferences let you control the display of the OID in the info column, desegmentation of SNMP over TCP, and which MIB modules to load. Ethereal uses the [http://www.net-snmp.org/ Net-SNMP] or UCD SNMP libraries to resolve OIDs, so you can also configure this behavior using the MIBS environment variable or by editing snmp.conf as described in the [http://www.net-snmp.org/tutorial/tutorial-5/commands/mib-options.html Net-SNMP Tutorial].

Example capture file

XXX - Add a simple example capture file to the SampleCaptures page and link from here. Keep it short, it's also a good idea to gzip it to make it even smaller, as Ethereal can open gzipped files automatically.

Display Filter

A complete list of SNMP display filter fields can be found in the [http://www.ethereal.com/docs/dfref/s/snmp.html display filter reference]

  • Show only the SNMP based traffic:

     snmp 

Capture Filter

You cannot directly filter SNMP protocols while capturing. However, if you know the ["UDP"] ports used (see above), you can filter on that ones.

  • Capture SNMP traffic over the default ports (161 and 162):

     udp port 161 or udp port 162 

SGMP (an ancestor of SNMP):

SNMPv1

SNMPv2

SNMPv2 (Community based)

SNMPv3

Discussion

SNMP (last edited 2019-11-01 21:48:45 by GuyHarris)