Host tracking on Cisco switch/routers using perl script

 
 
PeperG
      02-07-2007
I am trying to set up a way to track the host on my network using a
Perl script. I don't want to telnet in to the device using
Net::Telnet::Cisco. I am thinking using Net::SNMP and the ro community
string will be a bit more secure. Anyone have any good pointers or
experience doing this on CatOS and IOS devices?

Peper

Walter Roberson
      02-08-2007
PeperG wrote:
>I am trying to set up a way to track the host on my network using a
>Perl script. I don't want to telnet in to the device using
>Net::Telnet::Cisco. I am thinking using Net::SNMP and the ro community
>string will be a bit more secure. Anyone have any good pointers or
>experience doing this on CatOS and IOS devices?


What kind of host tracking did you want to do?
I did some things up in a mix of perl and ksh to do the kinds
of tracking that -I- needed, but different people have different
ideas about what's important.

In some ways, the code is quite straightforward: send a probe,
record the response in a data structure, repeat, and at the end
interpret the data combinations into printable format.

On the other hand, the code isn't quite so straightforward, because
of an important factor that you will seldom find documented:

SNMP agents lie. Repeatedly.

Thus it takes a non-trivial amount of experience with networks and SNMP
to figure out what the agents are lying about, how to get around
the lies, and how to best account for the inconsistencies that you
will find in the data structures.

If you have more financial budget than time budget, I'd recommend
obtaining a pre-written tool. You -can- write the tools "free",
but the time investment required is fairly noticeable -- not "huge"
but not "just a couple of days" either.


You will likely find, by the way, that the best way to proceed is
to fetch the OIDs and just record the responses, as quickly as you
can (so that you get the most consistent view of what was happening
at a particular time); and only after you have recorded the responses
do you proceed to the parsing and data analysis phase. If you record
the raw SNMP responses before analysis, then you will later be able to
go back and do other kinds of analysis. For example, if you want
a report on all the ports that are acting like trunk ports (darn
user-installed switches!), and then you want a report on the VLAN
setup of the switches, you don't want to have to have it go back
and rescan all the switches: you want to be able to make use of
anything you already happened to record. And when you are tracking
wayward systems, you want to be able to track timing patterns to
give you a better idea of who is using the system. And so on.
Record once, analyze repeatedly.
 
Danick Veenstra
      02-08-2007
On Wed, 07 Feb 2007 14:15:15 -0800, PeperG wrote:

> I am trying to set up a way to track the host on my network using a
> Perl script. I don't want to telnet in to the device using
> Net::Telnet::Cisco. I am thinking using Net::SNMP and the ro community
> string will be a bit more secure. Anyone have any good pointers or
> experience doing this on CatOS and IOS devices?
>
> Peper



http://www.cc-lan.fraunhofer.de/projekte/tirith/
 
PeperG
      02-08-2007
On Feb 7, 7:18 pm, rober...@hushmail.com (Walter Roberson) wrote:
> In article <1170886515.769206.299...@h3g2000cwc.googlegroups.com>,
>
> PeperG <rekcah2...@gmail.com> wrote:
> >I am trying to set up a way to track the host on my network using a
> >Perl script. I don't want to telnet in to the device using
> >Net::Telnet::Cisco. I am thinking using Net::SNMP and the ro community
> >string will be a bit more secure. Anyone have any good pointers or
> >experience doing this on CatOS and IOS devices?

>
> What kind of host tracking did you want to do?
> I did some things up in a mix of perl and ksh to do the kinds
> of tracking that -I- needed, but different people have different
> ideas about what's important.
>
> In some ways, the code is quite straightforward: send a probe,
> record the response in a data structure, repeat, and at the end
> interpret the data combinations into printable format.
>
> On the other hand, the code isn't quite so straightforward, because
> of an important factor that you will seldom find documented:
>
> SNMP agents lie. Repeatedly.
>
> Thus it takes a non-trivial amount of experience with networks and SNMP
> to figure out what the agents are lying about, how to get around
> the lies, and how to best account for the inconsistencies that you
> will find in the data structures.
>
> If you have more financial budget than time budget, I'd recommend
> obtaining a pre-written tool. You -can- write the tools "free",
> but the time investment required is fairly noticeable -- not "huge"
> but not "just a couple of days" either.
>
> You will likely find, by the way, that the best way to proceed is
> to fetch the OIDs and just record the responses, as quickly as you
> can (so that you get the most consistent view of what was happening
> at a particular time); and only after you have recorded the responses
> do you proceed to the parsing and data analysis phase. If you record
> the raw SNMP responses before analysis, then you will later be able to
> go back and do other kinds of analysis. For example, if you want
> a report on all the ports that are acting like trunk ports (darn
> user-installed switches!), and then you want a report on the VLAN
> setup of the switches, you don't want to have to have it go back
> and rescan all the switches: you want to be able to make use of
> anything you already happened to record. And when you are tracking
> wayward systems, you want to be able to track timing patterns to
> give you a better idea of who is using the system. And so on.
> Record once, analyze repeatedly.


What I am thinking to start is to use the OID on the router to pull
the arp table from the core routers and then use the OID on the switch
to pull the cam table. Once I have them I want to then mesh them
ignoring the trunk ports for now to come up with a report that will
show me an IP, MAC, Switch, Switch Port. I don't have the expenses to
buy something and there are things that I want to later build upon it
like pulling information out of our asset db to get machine names,
locations on the floor and stuff like that.

Any assistance or if someone would like to mentor a budding script
writer I would greatly appreciate any assistance.

Peper
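
The merge described in the post above, run over already-recorded walk output in the record-first order suggested earlier in the thread; this is an added example, not code from any poster. The record format (`device OID = value`, MACs stored as colon-separated hex), the device names `core1` and `sw1`, and the `$MAX_MACS` trunk threshold are assumptions; the OIDs are the standard ipNetToMedia, BRIDGE-MIB and ifName columns.

```perl
use strict;
use warnings;

# Constructed sample of recorded walks ("device OID = value"); not real data.
my @recorded = split /\n/, <<'END';
core1 1.3.6.1.2.1.4.22.1.2.5.10.0.0.21 = 00:11:22:33:44:55
core1 1.3.6.1.2.1.4.22.1.2.5.10.0.0.22 = 00:11:22:33:44:66
core1 1.3.6.1.2.1.4.22.1.2.5.10.0.0.23 = 00:11:22:33:44:77
sw1 1.3.6.1.2.1.17.4.3.1.2.0.17.34.51.68.85 = 3
sw1 1.3.6.1.2.1.17.4.3.1.2.0.17.34.51.68.102 = 25
sw1 1.3.6.1.2.1.17.4.3.1.2.0.17.34.51.68.119 = 25
sw1 1.3.6.1.2.1.17.1.4.1.2.3 = 10003
sw1 1.3.6.1.2.1.17.1.4.1.2.25 = 10025
sw1 1.3.6.1.2.1.31.1.1.1.1.10003 = Fa0/3
sw1 1.3.6.1.2.1.31.1.1.1.1.10025 = Gi0/1
END

my $ARP   = '1.3.6.1.2.1.4.22.1.2';    # ipNetToMediaPhysAddress.<ifIndex>.<ip>
my $FDB   = '1.3.6.1.2.1.17.4.3.1.2';  # dot1dTpFdbPort.<mac as 6 decimals>
my $BPORT = '1.3.6.1.2.1.17.1.4.1.2';  # dot1dBasePortIfIndex.<bridge port>
my $NAME  = '1.3.6.1.2.1.31.1.1.1.1';  # ifName.<ifIndex>
my $MAX_MACS = 1;  # assumption: more MACs than this on a port = trunk-like

my (%ip_of, %fdb, %ifidx, %ifname);
for my $line (@recorded) {
    my ($dev, $oid, $val) = $line =~ /^(\S+)\s+(\S+)\s+=\s+(.*)$/ or next;
    if ($oid =~ /^\Q$ARP\E\.\d+\.(\d+\.\d+\.\d+\.\d+)$/) {
        push @{ $ip_of{lc $val} }, $1;           # one MAC may hold several IPs
    } elsif ($oid =~ /^\Q$FDB\E\.((?:\d+\.){5}\d+)$/) {
        my $mac = join ':', map { sprintf '%02x', $_ } split /\./, $1;
        $fdb{$dev}{$mac} = $val;                 # MAC -> bridge port number
    } elsif ($oid =~ /^\Q$BPORT\E\.(\d+)$/) {
        $ifidx{$dev}{$1} = $val;                 # bridge port -> ifIndex
    } elsif ($oid =~ /^\Q$NAME\E\.(\d+)$/) {
        $ifname{$dev}{$1} = $val;                # ifIndex -> port name
    }
}
for my $dev (sort keys %fdb) {
    my %macs_on;                                 # bridge port -> MACs seen
    push @{ $macs_on{ $fdb{$dev}{$_} } }, $_ for keys %{ $fdb{$dev} };
    for my $bp (sort { $a <=> $b } keys %macs_on) {
        my @macs = sort @{ $macs_on{$bp} };
        next if @macs > $MAX_MACS;               # ignore trunk-like ports
        my $idx  = $ifidx{$dev}{$bp};
        my $port = defined $idx ? ($ifname{$dev}{$idx} // "ifIndex $idx") : "bridge port $bp";
        print join("\t", join(',', @{ $ip_of{$_} || ['no-arp-entry'] }), $_, $dev, $port), "\n" for @macs;
    }
}
```

On Catalyst switches the BRIDGE-MIB tables are per VLAN and are read with community string indexing (`community@vlan`), so a real recording holds one such walk per VLAN.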
