SNMP Device Discovery¶
By Lex Li
This page shows you how SNMP device might be discovered.
When SNMP was defined and published, there was no official way to discover SNMP enabled devices in the network. This might be caused by the well known security issues of SNMP itself, as if you know there is such a device in the network, you can somehow sniff the wire to get community names. Thus, if you are a device administrator, make sure you hide the devices if they should not be discovered.
However, some SNMP products, such as SNMP MIB browsers, might use an unofficial way to detect devices. Our sample, snmpdiscover, implements one common approach.
The following device discovery approaches rely on UDP broadcasting. THerefore, they are valid only for IPv4. IPv6 does not support broadcasting.
If you are the network administrators and hit this page, think twice whether you need to discover devices. Keep in mind that you are supposed to know all the devices and their IP addresses.
UDP allows broadcast, so if we broadcast an SNMP GET request with OID
18.104.22.168.22.214.171.124.0 using community name
"public", some devices will
reply with their device information. In this way we know both the device IP
address and type from the replies.
You should avoid using “public” as community name, as it is so well known.
RFC 3414 defines a discovery process for SNMP v3. This gives us a chance to discover all v3 enabled devices in the same network by broadcasting a simple discovery request without any credentials.
As in this way the device IP address is revealed, make sure your devices don’t use a common user name and passwords.