使用 SNMP (net-snmp) 检查端口 [英] Check ports with SNMP (net-snmp)

问题描述

有没有办法使用 SNMP 监控服务器端口(我使用 net-snmp-python 来检查这个与 python).到目前为止，我已经使用nc"命令进行了非常简单的检查，但是我想看看是否可以使用 SNMP 执行此操作.

Is there a way to monitor server ports using SNMP (I'm using net-snmp-python to check this with python). So far I've checked pretty simple with "nc" command, however I want to see if I can do this with SNMP.

感谢您的回答和耐心.

推荐答案

好吧，如果您想使用 SNMP 来准确查看正在侦听的端口，您应该可以使用以下 OIDS 并走表

Well if you want to use SNMP to see exactly what ports are listening, you should be able to use the following OIDS and walk the table

  "1.3.6.1.2.1.6.13.1.1" tcpConnState 
  "1.3.6.1.2.1.7.5.1.1"  udpLocalAddress

走 UDP 会给你这样的东西:

Walking UDP would give you something like this:

snmpwalk -cpublic 192.168.1.13 1.3.6.1.2.1.7.5.1.1                                                    
   UDP-MIB::udpLocalAddress.0.0.0.0.68 = IpAddress: 0.0.0.0
   UDP-MIB::udpLocalAddress.0.0.0.0.161 = IpAddress: 0.0.0.0
   UDP-MIB::udpLocalAddress.0.0.0.0.32908 = IpAddress: 0.0.0.0
   UDP-MIB::udpLocalAddress.0.0.0.0.33281 = IpAddress: 0.0.0.0
   UDP-MIB::udpLocalAddress.0.0.0.0.33795 = IpAddress: 0.0.0.0
   UDP-MIB::udpLocalAddress.0.0.0.0.34822 = IpAddress: 0.0.0.0
   UDP-MIB::udpLocalAddress.0.0.0.0.44782 = IpAddress: 0.0.0.0
   UDP-MIB::udpLocalAddress.192.168.1.13.9950 = IpAddress: 192.168.1.13

和 TCP 类似:

snmpwalk -cpublic 192.168.1.13 1.3.6.1.2.1.6.13.1.1                                                   
   TCP-MIB::tcpConnState.0.0.0.0.21.0.0.0.0.0 = INTEGER: listen(2)
   TCP-MIB::tcpConnState.0.0.0.0.23.0.0.0.0.0 = INTEGER: listen(2)
   TCP-MIB::tcpConnState.0.0.0.0.80.0.0.0.0.0 = INTEGER: listen(2)

查看表格将向您显示正在侦听的端口，并可以为您提供一些信息.

Walking the tables will show you what ports are listening, and could provide you with some information.

现在，如果您只想检查您在问题中列出的特定端口是否正在侦听，您可以使用以下 OIDS 进行检查.

Now if you just want to check to see if specific ports that you listed in your question are listening you can use the following OIDS to check.

ftp -- 1.3.6.1.2.1.6.13.1.1.0.0.0.0.21.0.0.0.0.0
ssh -- 1.3.6.1.2.1.6.13.1.1.0.0.0.0.22.0.0.0.0.0
http --  1.3.6.1.2.1.6.13.1.1.0.0.0.0.80.0.0.0.0.0
https -- 1.3.6.1.2.1.6.13.1.1.0.0.0.0.443.0.0.0.0.0
bind -- 1.3.6.1.2.1.7.5.1.1.0.0.0.0.53 

上述 OIDS 假设服务器绑定到默认地址(0.0.0.0).但它们只能绑定到服务器 IP 地址(取决于配置).在这种情况下，假设您的服务器 IP 是 192.168.10.1，您会得到

the above OIDS assume that the server is bound to the default address (0.0.0.0). But they could be bound to the server IP address only (depends on config). In that case assuming your Server IP is 192.168.10.1 you would get

1.3.6.1.2.1.7.5.1.1.192.168.10.1.53  for bind

所以我想如果你想知道 http 是否正在监听主机 192.168.10.1 上的默认地址，使用 python net snmp 绑定，你会得到这样的东西.

so all that being said I think if you wanted to tell if http was listening on the default address on host 192.168.10.1, using the python net snmp bindings you would have something like this.

import netsnmp
oid = netsmp.Varbind('1.3.6.1.2.1.6.13.1.1.0.0.0.0.80.0.0.0.0.0')
result = netsnmp.snmp(oid,
                      Version = 2,
                      DestHost="192.168.10.1",
                      Community="public")

我不是 100% 确定是否需要 Varbind，因为我没有在 python 中做任何 snmp 东西，我发现的一些例子有，有些没有.但无论哪种方式都可以尝试.在上面的查询中，如果服务器没有监听它会返回一个没有这样的 OID，如果它是打开的并且监听结果应该是 Integer(2).

I am not 100% sure if the Varbind is required as I don't do any snmp stuff in python,and some examples I found had it, and some didn't. But try it either way. in the above query, if the server isn't listening it will return a no such OID, if it is open and listening result should Integer(2).

这篇关于使用 SNMP (net-snmp) 检查端口的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！