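snmputil walk <target IP> public .1.3.6.1.2.1.25.4.2.1.2 List system processes
snmputil walk <target IP> public .1.3.6.1.4.1.77.1.2.25.1.1 List system users
snmputil get <target IP> public .1.3.6.1.4.1.77.1.4.1.0 List the domain name
snmputil walk <target IP> public .1.3.6.1.2.1.25.6.3.1.2 List installed software
snmputil walk <target IP> public .1.3.6.1.2.1.1 List system information
About snmputil
Snmputil is a command-line program. Its syntax is as follows:
usage: snmputil [get|getnext|walk] agent community oid [oid ...]
       snmputil trap
Here agent is the IP address of the agent process, community is the community name, and oid is the MIB object ID.
Examples:
1) View the system information of the local computer (IP address 192.168.0.3)
By consulting the MIB objects of the system group, we know that system information corresponds to the MIB object .1.3.6.1.2.1.1.1 (see the system group objects), so we query it with the get parameter: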
C:>snmputil get 192.168.0.3 public .1.3.6.1.2.1.1.1.0
Variable = system.sysDescr.0
Value = String Hardware: x86 Family 15 Model 2 Stepping 7 AT/AT COMPATIBLE -
Software: Windows 2000 Version 5.1 (Build 2600 Uniprocessor Free)
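Here public is the community name on the computer 192.168.0.3, and .1.3.6.1.2.1.1.1.0 is the object instance. Note that the object ID must be preceded by a dot "." and followed by a "0". Without the trailing 0 on the object ID, a query with the get parameter fails. From the result we can see the operating system version and the CPU type.
2) Query how long the computer has been running continuously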
C:>snmputil get 192.168.0.3 public .1.3.6.1.2.1.1.3.0
Variable = system.sysUpTime.0
Value = TimeTicks 447614
If we leave the 0 off the object ID, the getnext parameter gives the same result:
C:>snmputil getnext 192.168.0.3 public .1.3.6.1.2.1.1.3
Variable = system.sysUpTime.0
Value = TimeTicks 476123
3) Query the computer's contact person
C:>snmputil get 192.168.0.3 public .1.3.6.1.2.1.1.4.0
Variable = system.sysContact.0
Value = String administrator
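The above briefly introduced how to query an agent process with snmputil. Because it is used on the command line, some may find it rather inconvenient, but one benefit of the command line is that it encourages you to look up MIB objects yourself and deepens your understanding of SNMP network management.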
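Why get needs the trailing ".0" while getnext does not, and how walk is built from repeated getnext calls, shown as an added example that is not part of the original page. ToyAgent and its sample table are hypothetical; the OIDs and values in the table are taken from the commands and output on this page.

```python
from bisect import bisect_right

def parse_oid(text):
    """'.1.3.6.1.2.1.1.3.0' -> (1, 3, 6, 1, 2, 1, 1, 3, 0)"""
    return tuple(int(p) for p in text.strip(".").split("."))

def fmt_oid(oid):
    return "." + ".".join(map(str, oid))

class ToyAgent:
    """Hypothetical in-memory agent; it holds object *instances* only."""
    def __init__(self, instances):
        self.table = {parse_oid(k): v for k, v in instances.items()}
        # Integer tuples sort in SNMP's lexicographic order (4 before 292).
        self.order = sorted(self.table)

    def get(self, oid_text):
        oid = parse_oid(oid_text)
        if oid not in self.table:          # get needs an exact instance match
            raise LookupError("noSuchName: " + oid_text)
        return fmt_oid(oid), self.table[oid]

    def getnext(self, oid_text):
        # First instance that sorts strictly after the OID given.
        i = bisect_right(self.order, parse_oid(oid_text))
        if i == len(self.order):
            raise LookupError("end of MIB view")
        return fmt_oid(self.order[i]), self.table[self.order[i]]

    def walk(self, root_text):
        root, cur, rows = parse_oid(root_text), root_text, []
        while True:
            try:
                name, value = self.getnext(cur)
            except LookupError:
                return rows
            if parse_oid(name)[:len(root)] != root:   # left the subtree
                return rows
            rows.append((name, value))
            cur = name

# Constructed sample data using OIDs and values that appear on this page.
AGENT = ToyAgent({
    ".1.3.6.1.2.1.1.1.0": "Hardware: x86 (constructed)",
    ".1.3.6.1.2.1.1.3.0": 447614,
    ".1.3.6.1.2.1.1.4.0": "administrator",
    ".1.3.6.1.2.1.25.4.2.1.2.4": "System",
    ".1.3.6.1.2.1.25.4.2.1.2.292": "snmputil.exe",
})
```

AGENT.get(".1.3.6.1.2.1.1.3") raises because the object has no instance under that exact name, while AGENT.getnext with the same OID returns the .0 instance.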
4) Use walk to list all processes running on the device:
C:>snmputil walk 192.168.0.3 public .1.3.6.1.2.1.25.4.2.1.2
Variable = host.hrSWRun.hrSWRunTable.hrSWRunEntry.hrSWRunName.1
Value = String System Idle Process
Variable = host.hrSWRun.hrSWRunTable.hrSWRunEntry.hrSWRunName.4
Value = String System
Variable = host.hrSWRun.hrSWRunTable.hrSWRunEntry.hrSWRunName.292
Value = String snmputil.exe
Variable = host.hrSWRun.hrSWRunTable.hrSWRunEntry.hrSWRunName.308
Value = String RavTimer.exe
Variable = host.hrSWRun.hrSWRunTable.hrSWRunEntry.hrSWRunName.336
Value = String RavMon.exe
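For reasons of space I will not list every process here; you can experiment on your own computer to get a more concrete feel for it.
5) Query the list of users on the computer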
C:>snmputil walk 192.168.0.3 public .1.3.6.1.4.1.77.1.2.25.1.1
Variable = .iso.org.dod.internet.private.enterprises.lanmanager.lanmgr-2.server.svUserTable.svUserEntry.svUserName.4.117.115.101.114
Value = String user
Variable = .iso.org.dod.internet.private.enterprises.lanmanager.lanmgr-2.server.svUserTable.svUserEntry.svUserName.5.71.117.101.115.116
Value = String Guest
Variable = .iso.org.dod.internet.private.enterprises.lanmanager.lanmgr-2.server.svUserTable.svUserEntry.svUserName.13.65.100.109.105.110.105.115.116.114.97.116.111.114
Value = String Administrator
From this we can see that the computer has three users in total: user, guest and administrator.
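For reviewing what an agent of your own returns to the public community, the following added example (not part of the original page) parses snmputil output, decodes the length-prefixed index that follows svUserName, and converts TimeTicks to a readable uptime. The function names are hypothetical and SAMPLE is constructed from the output shown on this page.

```python
import re

# Constructed sample: output lines from this page, wrapped lines rejoined.
LM = ".iso.org.dod.internet.private.enterprises.lanmanager.lanmgr-2.server."
SAMPLE = f"""\
Variable = system.sysUpTime.0
Value = TimeTicks 447614
Variable = host.hrSWRun.hrSWRunTable.hrSWRunEntry.hrSWRunName.292
Value = String snmputil.exe
Variable = {LM}svUserTable.svUserEntry.svUserName.4.117.115.101.114
Value = String user
Variable = {LM}svUserTable.svUserEntry.svUserName.5.71.117.101.115.116
Value = String Guest
"""

PAIR = re.compile(r"^Variable[ \t]*=[ \t]*(\S+)[ \t]*\nValue[ \t]*=[ \t]*(\w+)[ \t]+(.*)$", re.M)

def parse_walk(text):
    """Return (variable, type, value) triples from snmputil get/walk output."""
    return [(m[1], m[2], m[3].strip()) for m in PAIR.finditer(text)]

def split_instance(variable):
    """Split 'a.b.name.4.117...' into ('a.b.name', [4, 117, ...])."""
    parts = variable.split(".")
    cut = len(parts)
    while cut > 0 and parts[cut - 1].isdigit():
        cut -= 1
    return ".".join(parts[:cut]), [int(p) for p in parts[cut:]]

def decode_string_index(index):
    """Heuristic: decode [length, byte, byte, ...]; None if it does not fit."""
    if len(index) < 2 or index[0] != len(index) - 1 or max(index[1:]) > 255:
        return None
    return bytes(index[1:]).decode("ascii", "replace")

def uptime(ticks):
    """TimeTicks count hundredths of a second."""
    minutes, seconds = divmod(ticks // 100, 60)
    hours, minutes = divmod(minutes, 60)
    return f"{hours}h {minutes}m {seconds}s"

def summarize(text):
    rows = []
    for variable, kind, value in parse_walk(text):
        name, index = split_instance(variable)
        if kind == "TimeTicks":
            value = uptime(int(value))
        rows.append((name.rsplit(".", 1)[-1], decode_string_index(index), value))
    return rows
```

The decoded index equals the returned String value for each svUserName row, so the user name is already visible in the instance name itself.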
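Snmputil also has a trap parameter, used mainly for catching traps: it receives messages that agent processes send on their own initiative. If we type snmputil trap on the command line and press Enter, and then access the agent process with a wrong community name, we receive the report that the agent process sends back.
MIB-II contains 175 objects in total, each with its own meaning, and only by consulting the MIB can we know what each one does. MIB objects are the core of SNMP network management; only with a thorough understanding of what the MIB objects mean can we know how to make use of SNMP network management.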
GETting a few Windows NT OIDs:
Gets Current Anon. HTTP Users: - Won't work unless you had SNMP installed before you added IIS.
snmputil get 127.0.0.1 public .1.3.6.1.4.1.311.1.7.3.1.6.0
Gets Total Anon. HTTP Users: - Won't work unless you had SNMP installed before you added IIS.
snmputil get 127.0.0.1 public .1.3.6.1.4.1.311.1.7.3.1.8.0
Gets Maximum Anon. HTTP Users: - Won't work unless you had SNMP installed before you added IIS.
snmputil get 127.0.0.1 public .1.3.6.1.4.1.311.1.7.3.1.10.0
Gets NT CPU % Usage:
snmputil get 127.0.0.1 public .1.3.6.1.4.1.311.1.1.3.1.1.2.1.3.0
Gets C: Space remaining (MB):
snmputil get 127.0.0.1 public .1.3.6.1.4.1.311.1.1.3.1.1.5.1.4.0
Gets RAM free (Bytes): (see snmputil image above)
snmputil get 127.0.0.1 public .1.3.6.1.4.1.311.1.1.3.1.1.1.1.0
Walking the Windows NT OID trees:
Lists all memory and processor OIDs:
snmputil walk 127.0.0.1 public .1.3.6.1.4.1.311.1.1.3.1.1.1
Lists all processor OIDs:
snmputil walk 127.0.0.1 public .1.3.6.1.4.1.311.1.1.3.1.1.2
Lists all network interface OIDs:
snmputil walk 127.0.0.1 public .1.3.6.1.4.1.311.1.1.3.1.1.3
Lists all physicaldisk OIDs:
snmputil walk 127.0.0.1 public .1.3.6.1.4.1.311.1.1.3.1.1.4
Lists all logicaldisk OID:
snmputil walk 127.0.0.1 public .1.3.6.1.4.1.311.1.1.3.1.1.5
Lists all process OIDs:
snmputil walk 127.0.0.1 public .1.3.6.1.4.1.311.1.1.3.1.1.7
Lists all paging file OIDs:
snmputil walk 127.0.0.1 public .1.3.6.1.4.1.311.1.1.3.1.1.9
Lists all the HTTP Server OIDs: - Won't work unless you had SNMP installed before you added IIS.
snmputil walk 127.0.0.1 public .1.3.6.1.4.1.311.1.7.3.1
You can then "drill down" to the OID you need to access! Try it!
GETting a few NetWare Server OIDs:
Getting Server Name:
snmputil get 127.0.0.1 public .1.3.6.1.4.1.23.2.28.1.1.0
Getting Server Serial Number:
snmputil get 127.0.0.1 public .1.3.6.1.4.1.23.2.28.1.2.0
Getting IPX Internal Net Number:
snmputil get 127.0.0.1 public .1.3.6.1.4.1.23.2.28.1.3.0
Getting Current Number of Open Files:
snmputil get 127.0.0.1 public .1.3.6.1.4.1.23.2.28.1.7.0
Getting Values for DOS Memory:
snmputil get 127.0.0.1 public .1.3.6.1.2.1.25.2.3.1.6.1
Alloc Memory Pool:
snmputil get 127.0.0.1 public .1.3.6.1.2.1.25.2.3.1.6.2
Cache Buffers (you need to multiply the returned value by 4096 to get the actual value)...
snmputil get 127.0.0.1 public .1.3.6.1.2.1.25.2.3.1.6.3
Cache Moveable Memory (you need to multiply the returned value by 4096 to get the actual value)...
snmputil get 127.0.0.1 public .1.3.6.1.2.1.25.2.3.1.6.4
Cache Non-Moveable Memory (you need to multiply the returned value by 4096 to get the actual value)...
snmputil get 127.0.0.1 public .1.3.6.1.2.1.25.2.3.1.6.5
Code and Data Memory:
snmputil get 127.0.0.1 public .1.3.6.1.2.1.25.2.3.1.6.6
SYS:
snmputil get 127.0.0.1 public .1.3.6.1.2.1.25.2.3.1.6.7
FIRST VOL: (will be SYS on NetWare 3.1x/4/4.1x and NSS_ADMIN on NetWare 5)...
snmputil get 127.0.0.1 public .1.3.6.1.2.1.25.2.3.1.6.8
SECOND VOL:
snmputil get 127.0.0.1 public .1.3.6.1.2.1.25.2.3.1.6.9
THIRD VOL:
snmputil get 127.0.0.1 public .1.3.6.1.2.1.25.2.3.1.6.10
Walking the NetWare Server OID trees:
Walking the NetWare Server (nwSystem) tree:
snmputil walk 127.0.0.1 public .1.3.6.1.4.1.23.2.28.1.
Walking Memory Usage Tree:
snmputil walk 127.0.0.1 public .1.3.6.1.2.1.25.2.3.1.6