SNMPv3 Traps with authPriv now supported

Unbrowse SNMP already has a powerful trap receiver. It supports SNMPv1, v2, v3 and IPv4 and IPv6. It can also run authentication checks on incoming traps. However, it could not decrypt SNMPv3 traps sent in authPriv mode.

Our latest release of Unbrowse SNMP now has the ability to decrypt SNMPv3 traps and show the results in the trap console. All auth protocols (MD5 and SHA) and privacy protocols (DES and AES-128) are supported.

Download it from here

Enjoy ! 

—————–

trapconpriv.jpg

How to use ?

To make it work you need to enter the security information for each agent from which you are expecting a trap. Use the Agents > Manage menu to create the agent and user.

Next enable this feature,

  • Select Tools > Customize > Advanced, Locate the Trap Console group in the Miscellaneous box
  • Find the last item “Try to decrypt authPriv traps” - and check it
  • You may also want to check “Authenticate incoming traps” ( 4 items up the list from the above)
  • See the screen below for the recommended options !

trapauthpriv.jpg
Now, incoming traps will be matched against the agent database. If there is a matching entry for User Name and the IP Address, the passwords specified by you will be used to decrypt and authenticate the trap.

 

Author: Vivek Rajagopalan

Vivek Rajagopalan is the a lead developer for Trisul Network Analytics. Prior products were Unsniff Network Analyzer and Unbrowse SNMP. Loves working with packets , very high speed networks, and helping track down the bad guys on the internet.