May the source be with you, but remember the KISS principle ;-)

Contents Bulletin Scripting in shell and Perl Network troubleshooting History Humor

SNMP -- Simple Network Management Protocol

News Application Layer  Protocols Recommended Links References Security Perl Tools
Net-SNMP Perl SNMP Processing SMTP Traps Tivoli SNMP adapter    
Event correlation   Horror Stories Random Findings Humor Etc

The SNMP protocol came into existence in the late 1980’s due to the requirement of having to manage growing networks. There have been seven versions of the protocol: SNMPv1, SNMPsec, SNMPv2p, SNMPv2c, SNMPv2u, SNMPv2* and SNMPv3. SNMP v1 is the only one that has been widely implemented and deployed, though v3 is expected to eventually ascend thanks to its superior security architecture.

Only SMTP v.1 is widely used. See:

Network management means different things to different people. The ISO defines five areas of network management:

Typically when people refer to network management, they do not include accounting and security management. Network management requires at least the following:

The SNMP is probably the most popular network management protocol. SNMP is UDP-based as UDP traffic will still flow in a degraded network when a connection-based transport, such as TCP, fails.

SNMP is essentially a simple request-reply protocol running over UDP (ports 161 and 162), though TCP operation is possible. It is client-server protocol, operating between a management station (server) and an agent.

The most distinctive feature of SNMP is universal naming scheme for objects called Management Information Base (MIB),  a collection of information that is organized hierarchically. This is a huge tree that is comprised of managed objects with each node identified by object identifiers.

Hierarchical structure of MIB is similar to a typical Unix filesystem. Instead of organizing files, the MIB logically organizes management information in a hierarchical tree-like structure. Each node in this tree has a short text string, called a label, and an accompanying number that represents its position at that level in the tree.

An object identifier (or OID) uniquely identifies a managed object in the MIB hierarchy. The MIB hierarchy can be depicted as a tree with a nameless root, the levels of which are assigned by different organizations. RFC 1156, Management Information Base for Network Management of TCP/IP-based Internets, defines the managed objects contained in the MIB using so called Abstract Syntax Notation One (ASN.1). ASN.1 is defined in International Standard number 8824 by the ISO/OSI. The following object groups are defined in RFC 1156:

The top-level MIB object IDs belong to different standards organizations, while lower-level object IDs are allocated by associated organizations.

A managed object (sometimes called a MIB object, an object, or simply MIB) is one of any number of specific characteristics of a managed device. Managed objects are comprised of one or more object instances, which are essentially variables.

Two types of managed objects exist: scalar and tabular.

An example of a managed object is atInput, which is a scalar object that contains a single object instance, the integer value that indicates the total number of input AppleTalk packets on a router interface.

Vendors can define private branches that include managed objects for their own products. MIBs that have not been standardized typically are positioned in the experimental branch.

The managed object atInput can be uniquely identified either by the object name, for example: 

or by the equivalent object descriptor, 

The SNMP agent is installed on the device being managed - all its software has to do is implement a few simple packet types and a generic get-or-set function on its MIB variables. The management station presents the user interface.

Simple management stations can be built with UNIX command-line utilities. More complex (and expensive) ones collect MIB data over time and use GUIs to draw network maps.

An SNMP operation takes the form of a Protocol Data Unit (PDU), basically a fancy word for packet. Version 1 SNMP supports five possible PDUs:

All "Get" operation retrieve data from a managed device (from its SNMP agent). Network management stations can poll managed devices periodically and perform SNMP gets in order to update a graphic display.

A single "Set" operation changes the data on a managed device via the SNMP agent. A device can be instructed to change its IP address, for example. This, of course, can lead to errors because the management station would lose contact with the device until it was discovered again.

A single "Trap" operation is sending an unsolicited message to the management station. SNMP traps are often used by network devices to report on network link failures, device reboots, and so on.

Traversal operations are used by the NMS to determine which variables a managed device supports and to sequentially gather information in variable tables, such as a routing table.

The SMI for TCP/IP-based Internets is defined in RFC1157. It describes how managed objects contained in the MIB are defined. RFC1157 states that;

"An Object Identifier (OID) is a sequence of integers which traverse a global tree. This tree consists of an unlabeled root connected to a number of labeled nodes via edges. Each node may, in turn, have children of its own which are labeled."

The specification for an object as defined in RFC 1156 is:

Vendors can write their own specific MIB extensions to take advantage of their products' features.

There are many SNMP-based management applications. Many vendors offer management applications. For example:

Many free and open source SNMP-based management applications are available. See, for example the list at SNMP Applications

Net-SNMP,  a free SNMP implementation for Linux is probably the best starting point. It contains a tutorial.

Some other useful starting points:

Top updates

Bulletin Latest Past week Past month
Google Search


Old News ;-)

[Apr 25, 2012] a3com

Written in Perl...

A3Com is a set of Perl modules and utilites which use SNMP to manage 3Com switches, such as SS3900s, SS9300s, and CoreBuilders. Tools included will search/dump/store bridge tables, ARP tables, retrieve system info, save and restore configurations in batch mode, upload new software in batch mode, change passwords, reboot switches, dump VLAN configurations, and more.

[Apr 25, 2012] Cisco Monitoring Tool – Freecode

Cimon is Perl program wich monitors the load (memory and CPU) on Cisco routers using SNMP, and generates graphics with statistics using rrdtool. It's a good source for information about your router's health. It also has the abillity to make IP accounting via Cisco IP accounting features. It creates rrd graphics with the bandwith usage and traffic logfiles. The logfiles are the same as these produced by sasacct so you can use it for date-to-date statistics and on-the-fly graphic generation.

[Jun 03, 2011]   v10, i09 A Perl Package for Monitoring Traffic by John Shearer

Sep 1, 2001 | Sysadmin

The rtr-graph package described in Shearer's article is a set of Perl scripts for polling routers (or other SNMP-enabled devices) to gain specific traffic information.

[Jan 21, 2011] The Cuddletech Guide to SNMP Programming by Ben Rockwood (Nov, 2004)

[Jan 21, 2011] Essential SNMP by O'Reilly Media

Full PDF of the book. Also at Essential SNMP - Google Books

[Jan 21, 2011] Walk the SNMP Walk - O'Reilly Media

MIBs are like directories; you have a broad top directory, with more specific directories within. Similarly, the uppermost MIB contains a variety of MIBs beneath it. MIBs are referred to by name or by number. At times you'll see MIBs like:


That MIB is the same as


The numerical MIB is longer than the word one. That's because the numerical MIB includes the default ., which means Almost every MIB you encounter will have this leading string, which is why nobody bothers writing it down any more.

If you're in one of those kinky moods, you can even use:

Most SNMP tools prefer numerical MIBs. People prefer words. By the end of this article, you can use whichever you prefer. As usual, while my examples are written for FreeBSD, you can use them on NetBSD or OpenBSD with only minor modifications.

Exact SNMP MIBs can vary from device to device, and with the agent used. You'll want to check the documentation for your SNMP agent, or your device, to see what MIBs are available.

The best SNMP agent for BSD is ucd-snmp. It's small, extensible, and efficient. It's included as a FreeBSD port (/usr/ports/net/ucd-snmp). This is a popular package, and generally up-to-date. If it isn't current, the raw source of ucd-snmp compiles well. The ucd-snmp folks are actively interested in FreeBSD and quite responsive to useful problem reports, requests for help, or (better still) patches.

Installing from source is simple; the standard ./configure && make && make install will do it for you. They even respect the FreeBSD standard of installing under /usr/local. If you're installing on NetBSD, you'll want to edit the makefile to install under /usr/pkg.

ucd-snmp includes not only a SNMP daemon, but also a tool to examine the SNMP tree on other hosts. This "snmpwalk" package works well on any sort of agent: I use my FreeBSD system to snmpwalk routers, switches, other BSD machines, and even the occasional NT system.

Using snmpwalk is very simple:

snmpwalk hostname community

The community is somewhat like a password. A SNMP agent makes different information available to different communities. The agent can also control access by IP address, so don't be too surprised if you get different answers from different locations. Many network administrators configure their systems so that a single SNMP workstation gets full access to them, and others have restricted or nonexistent access.

Try snmpwalk on a local system with SNMP running. You'll get a huge pile of information. Try it again, this time redirecting the output to a file. Look through it at your leisure; you might be surprised at the amount of information the system offers via SNMP.

You can also make very specific queries via SNMP, simply by specifying the portion of the tree you're interested in.

For example, checking the Windows NT documentation, the MIB represents "available memory." You can use snmpwalk to check this value without logging into the system:

snmpwalk fileserver public .
enterprises.311. = 154447872



	      The Perl5 'SNMP' Extension Module v5.0
		      for the Net-SNMP Library

   Supported Platforms:
   Release Notes:
   Operational Description:
   Trouble Shooting:


******************************NOTE NOTE NOTE**************************
  This module now relies on many other modules.  Do not try to build
  it independently, as it won't work.  Instead of running "perl
  Makefile.PL" in this directory, run it in the net-snmp/perl
  directory instead which has a global makefile used to build all the
  sub-modules in their proper order.
******************************NOTE NOTE NOTE**************************

Note: The perl SNMP 5.0 module which comes with net-snmp 5.0 and
higher is different than previous versions in a number of ways.  Most
importantly, it behaves like a proper net-snmp application and calls
init_snmp properly, which means it will read configuration files and
use those defaults where appropriate automatically parse MIB files,
etc.  This will likely affect your perl applications if you have, for
instance, default values set up in your snmp.conf file (as the perl
module will now make use of those defaults).  The docmuentation,
however, has sadly not been updated yet (aside from this note).

This is the Perl5 'SNMP' extension module. The SNMP module provides a
full featured, tri-lingual SNMP (SNMPv3, SNMPv2c, SNMPv1) API. The
SNMP module also provides an interface to the SMI MIB parse-tree for
run-time access to parsed MIB data.  The SNMP module internals rely on
the Net-SNMP toolkit library (previously known as ucd-snmp). For
information on the Net-SNMP library see the documentation provided
with the Net-SNMP distribution or the project web page available on
'Source Forge':


The most recent release of the Perl5 SNMP module can be found bundled
with the latest Net-SNMP distibution available from:

(Note: The perl SNMP distribution obtained this way has the highest
chance of being up to date and compatible with the Net-SNMP version
with which it is bundled.)

A seperately bundled package of the SNMP module can be obtained from CPAN.

Development and older releases may be found at the following FTP site:

(Note: In previous releases this module was compatible with the CMU
SNMP library. Starting with Perl5/SNMP-1.7 this module will *only*
work with the Net-SNMP (aka ucd-snmp) library due to dependence on new

	the following forums may be helpful:

	comp.lang.perl.modules mail list
	(see to subscribe)

Supported Platforms:
	Linux 1.2.x, 2.x
	Solaris 2.x
	Many other UNIX variants

Release Notes:

SNMP module version 5.0 is being developed against NET-SNMP-5.0
see for details.

Compatibility with earlier or later versions of Net-SNMP or UCD-SNMP
is not guaranteed due to the dynamic nature of open software
development :).

[Jul 30, 2007] SNMP support for Perl 5

This package contains Perl 5 modules,, and which, when used together, provide rudimentary access to remote SNMP (v1/v2) agents.

Download it from

The library is featured in the book Essential SNMP by Douglas R. Mauro and Kevin J. Schmidt, July 2001, O'Reilly & Associates, ISBN: 0-59600020-0.

... This module differs from existing SNMP packages in that it is completely stand-alone, i.e. you don't need to have another SNMP package such as Net-SNMP. It is also written entirely in Perl, so you don't have to compile any C modules. It uses the Perl 5 module and should therefore be very portable, even to non-Unix systems.

Note: For the development of new scripts, I strongly recommend to use the higher-level programming interface provided by Its use is described in README.SNMP_util. The remainder of this page desribes the low-level API in, which you normally shouldn't use.

The SNMP operations currently supported are "get", "get-next", "get-bulk" and "set", as well as trap generation and reception.

For an excellent example of the type of application this is useful for, see Tobias Oetiker's ``mrtg'' (Multi Router Traffic Grapher) tool. Another application that uses this library is IOG (Input/Output Grapher).

[Nov 22, 2006] Project details for multiwalk2c

multiwalk2c is a multi-threaded SNMP scanner. It is a modified version of snmpbulkwalk. It can scan agents listed in special agents file, write to a single or many output files, and traverse different parts of a MIB tree in one thread.

Release focus: Minor feature enhancements

[PDF] Chapter 8 Remote Network Monitoring RMON RMON Basic Concepts

File Format: PDF/Adobe Acrobat - View as HTML
interfaces for communicating between SNMP-based management consoles ... resource and negotiate for the resource to be freed (or free it unilaterally) ... ~leduc/cours/ISIR/ISIR-chap8.pdf - Similar pages

[Jun 29, 2000] O'Reilly Network Walk the SNMP Walk

Recommended Links

SimpleWeb provides links and information on network management, including software, RFCs and tutorials. The focus is on SNMP and Internet management, but people interested in other management technologies will also find interesting information.
Maintained by the Telematics Systems and Services management group (TSS) of the University of Twente (the Netherlands), in collaboration with Jürgen Schönwälder of the TU Braunschweig (Germany).

Software section has a nice Search tool, that lets you search by OS and whether something is free.

Another SNMP links site, put up by Pierrick Simier.  Nice to look at, but Search tool is not as helpful as SimpleWeb's.

Scotty - Tcl Extensions for Network Management -- contains a large collection of links

SecurityPortal - SNMP Security Resources

Linux SNMP Network Management Tools

The Simple Times Technical Article

This advisory addresses a vulnerability in the common configuration of the Windows NT SNMP Service. This vulnerability allows individuals to remotely configure network parameters that are critical to the security and proper operation of the system.

Snmp, Snmpv2, Snmpv3, and Rmon 1 and 2

William Stallings
This book is the definitive guide to SNMP-based network and internetwork management for network administrators, managers, and designers. Concise, focusing on practical issues, and completely up to date, it covers SNMPv1, SNMPv2, and the most recent SNMPv3, as well as RMON1 and RMON2--all of which are currently deployed in today's LANs and WANs. With this book, you will be better equipped to determine your network management needs, gain insight into design issues, and obtain the necessary understanding to evaluate available SNMP-based products.

Snmp Network Management (McGraw-Hill Series on Computer Communications)

Paul Simoneau
Written for network professionals who want to know how SNMP (Simple Network Management Protocol) really works, this book incorporates the latest version and provides hundreds of hands-on exercises from real world examples. The CD contains protocol analysis tools and complete files of data collected from working networks.

SNMP : A Guide to Network Management (McGraw Hill Series on Computer Communications)

Dr. Sidnie M. Feit
Written for both those who plan, administer, and manage networking, and for software developers who work in a networked environment, this reference presents all the ideas behind SNMP and clearly explains the protocols and mechanisms. Emphasizing practical network management, this is the only book to provide descriptions of what is managed using SNMP.

I found this book as a very good learning guide for SNMP protocol and MIB structures. The book is very good for those who want to understand SNMP and the popular MIBs.


SNMP Overview

Network Management & Monitoring with Linux by David Guerrero

Cameron Laird's personal notes on SNMP

The Simple Times - HTML Archive


The NET-SNMP Project Home Page -- looks like the most current

Network Development Software -- classic set of tools

Linux SNMP Network Management Tools -- a little bit old.



S - Security
N - Not
M - My
P - Problem...

If you are using SNMP v1 make sure it is blocked from the Internet in general and are using reasonably obtuse community names. SNMP v2 at least has passwords... Sigh...
Look at Phrack #50 for some exploits of the SNMP security holes.
Phrack site is

Plugging Holes In SNMP -- weak

SNMP Brute Force Attack

ucd-snmp-coders mailing list archives for 2000-07 snmp securit

Security Archive November 1998 ISS Security Advisory Hidden SNMP community in HP OpenView

SNMP Security Pack

The SNMP Security Pack provides an extension to HP Open View Network Node Manager (NNM), allowing NNM (4.1 and later) to use SNMPv3 with security. SNMPv3 provides safe configuration and control operations. Its administration offers logical contexts, view-based access control, and remote configuration. The user-based authentication mechanism is based on MD5, SHA, and a loosely synchronized monotonically increasing time indicator. The user-based privacy mechanism is based on Data Encryption Standard (DES) Cipher Block Chaining (CBC) mode, 16-byte key algorithms, and multiple levels of compliance. SNMPv3 is available for networks, systems, applications, manager-to-manager communications, and proxy management of legacy systems.

NAI Labs

This advisory addresses a vulnerability in the common configuration of the Windows NT SNMP Service. This vulnerability allows individuals to remotely configure network parameters that are critical to the security and proper operation of the system.

Roxen Community RFC 1352 SNMP Security Protocols ()

Windows NT SNMP Security Permissions

Q200885 - How to Troubleshoot SNMP Security Issues

Microsoft Windows 2000 Server Documentation

Simple network management protocol (SNMP) provides security through the use of community names and authentication traps. You can restrict SNMP communications for the agent, allowing it to communicate with only a specific list of other SNMP management systems.

You can configure SNMP security in SNMP Service Properties on the Security tab.

The following options can be configured to enable SNMP security:

For more information on how to configure SNMP security, see To configure security


Perl Tools

The Twenty-Minute SNMP Tutorial (Perl for System Administration)

Appendix E

moodss A modular system, database, and network monitoring application.

Cisco Monitoring Tool  Monitors CPU and memory usage on Cisco routers.

ifGraph  A tool to create graphs of network interface traffic via SNMP queries.

mon  Highly configurable service monitoring daemon

perlPrinterInfo  A Perl script that shows you the most important data from a network printer.

Printerspy  Perl/Tk tool to monitor printers via SNMP

Pancho  A Perl script used to configure and archive network device configs through SNMP.

SNMP Network Auditor  Tools for auditing a large network for SNMP services. Project details for Net-SNMP

The NET-SNMP (formerly UCD-SNMP) package contains various tools relating to the Simple Network Management Protocol including an extensible agent, an SNMP library, tools to request or set information from SNMP agents, tools to generate and handle SNMP traps, a version of the unix 'netstat' command using SNMP and a Tk/perl mib browser. It was originally based on the Carnegie Mellon University SNMP implementation (version, but has been greatly enhanced, ported and fixed and barely resembles the original package anymore. Project details for SNMPInfo

SNMP::Info gives an object oriented interface to information obtained through SNMP. This module is geared towards network devices. Speciality sub-classes exist for a number of network devices and MIBs.


Open Directory - Computers Internet Protocols SNMP RFCs

Random Findings



Groupthink : Understanding Micromanagers and Control Freaks : Toxic Managers : BureaucraciesHarvard Mafia : Diplomatic Communication : Surviving a Bad Performance Review : Insufficient Retirement Funds as Immanent Problem of Neoliberal Regime : PseudoScience : Who Rules America : Two Party System as Polyarchy : Neoliberalism  : The Iron Law of Oligarchy : Libertarian Philosophy


Skeptical Finance : John Kenneth Galbraith : Keynes : George Carlin : Skeptics : Propaganda  : SE quotes : Language Design and Programming Quotes : Random IT-related quotes : Oscar Wilde : Talleyrand : Somerset Maugham : War and Peace : Marcus Aurelius : Eric Hoffer : Kurt Vonnegut : Otto Von Bismarck : Winston Churchill : Napoleon Bonaparte : Ambrose Bierce : Oscar Wilde : Bernard Shaw : Mark Twain Quotes


Vol 26, No.1 (January, 2013) Object-Oriented Cult : Vol 25, No.12 (December, 2013) Rational Fools vs. Efficient Crooks: The efficient markets hypothesis : Vol 25, No.08 (August, 2013) Cloud providers as intelligence collection hubs : Vol 23, No.10 (October, 2011) An observation about corporate security departments : Vol 23, No.11 (November, 2011) Softpanorama classification of sysadmin horror stories : Vol 25, No.05 (May, 2013) Corporate bullshit as a communication method : Vol 25, No.10 (October, 2013) Cryptolocker Trojan (Win32/Crilock.A) : Vol 25, No.06 (June, 2013) A Note on the Relationship of Brooks Law and Conway Law


Fifty glorious years (1950-2000): the triumph of the US computer engineering : Donald Knuth : TAoCP and its Influence of Computer Science : Richard Stallman : Linus Torvalds  : Larry Wall  : John K. Ousterhout : CTSS : Multix OS Unix History : Unix shell history : VI editor : History of pipes concept : Solaris : MS DOSProgramming Languages History : PL/1 : Simula 67 : C : History of GCC developmentScripting Languages : Perl history   : OS History : Mail : DNS : SSH : CPU Instruction Sets : SPARC systems 1987-2006 : Norton Commander : Norton Utilities : Norton Ghost : Frontpage history : Malware Defense History : GNU Screen : OSS early history

Classic books:

The Peter Principle : Parkinson Law : 1984 : The Mythical Man-MonthHow to Solve It by George Polya : The Art of Computer Programming : The Elements of Programming Style : The Unix Hater’s Handbook : The Jargon file : The True Believer : Programming Pearls : The Good Soldier Svejk : The Power Elite

Most popular humor pages:

Manifest of the Softpanorama IT Slacker Society : Ten Commandments of the IT Slackers Society : Computer Humor Collection : BSD Logo Story : The Cuckoo's Egg : IT Slang : C++ Humor : ARE YOU A BBS ADDICT? : The Perl Purity Test : Object oriented programmers of all nations : Financial Humor : Financial Humor Bulletin, 2008 : Financial Humor Bulletin, 2010 : The Most Comprehensive Collection of Editor-related Humor : Programming Language Humor : Goldman Sachs related humor : Greenspan humor : C Humor : Scripting Humor : Real Programmers Humor : Web Humor : GPL-related Humor : OFM Humor : Politically Incorrect Humor : IDS Humor : "Linux Sucks" Humor : Russian Musical Humor : Best Russian Programmer Humor : Microsoft plans to buy Catholic Church : Richard Stallman Related Humor : Admin Humor : Perl-related Humor : Linus Torvalds Related humor : PseudoScience Related Humor : Networking Humor : Shell Humor : Financial Humor Bulletin, 2011 : Financial Humor Bulletin, 2012 : Financial Humor Bulletin, 2013 : Java Humor : Software Engineering Humor : Sun Solaris Related Humor : Education Humor : IBM Humor : Assembler-related Humor : VIM Humor : Computer Viruses Humor : Bright tomorrow is rescheduled to a day after tomorrow : Classic Computer Humor


The Last but not Least

Copyright © 1996-2014 by Dr. Nikolai Bezroukov. was created as a service to the UN Sustainable Development Networking Programme (SDNP) in the author free time. This document is an industrial compilation designed and created exclusively for educational use and is distributed under the Softpanorama Content License. Site uses AdSense so you need to be aware of Google privacy policy. Original materials copyright belong to respective owners. Quotes are made for educational purposes only in compliance with the fair use doctrine. This is a Spartan WHYFF (We Help You For Free) site written by people for whom English is not a native language. Grammar and spelling errors should be expected. The site contain some broken links as it develops like a living tree...

You can use PayPal to make a contribution, supporting hosting of this site with different providers to distribute and speed up access. Currently there are two functional mirrors: (the fastest) and


The statements, views and opinions presented on this web page are those of the author and are not endorsed by, nor do they necessarily reflect, the opinions of the author present and former employers, SDNP or any other organization the author may be associated with. We do not warrant the correctness of the information provided or its fitness for any purpose.

Last modified: February 19, 2014