Standard

Cacti Notes II & SNMPv3

By On In Unix/Linux 2 min read

CentOS/RHEL/SL Interfaces list (eth0; eth1….)

In cacti 0.8.6g (and perhaps f), using redhat (I’ve seen enterprise, RH9, Fedora 3 and 4 mentioned) there’s a problem getting the list of interfaces to be detected, which allows you to graph traffic.

The typical problems involve the following errors:
“No SNMP data returned” (from verbose query in the devices detail)
No data returned while running snmpwalk -v 1 -c public localhost .1.3.6.1.2.1.2.2.1.1
General problems getting Interface – Traffic graphs to work

The problem resides in the permissions for SNMP version 1 users in the /etc/snmp/snmpd.conf file

You need to change the following limits:
view systemview included .1.3.6.1.2.1.1
view systemview included .1.3.6.1.2.1.25.1.1

to:
view systemview included .1.3.6.1.2.1
view systemview included .1.3.6.1.2.1.25.1.1

This reduces the limits to the pubic group’s access using smtpwalk and allows cacti to get the list of interfaces.

#########

How to configure SNMPv3 securely in CentOS/RHEL/SL

Now we’re talking. This versions supports authentication passwords, that get not transfered in the clear and it also supports encryption passwords so a attacker does not see what is transfered. I’ll show you now how you configure your CentOS/RHEL/SL to let it be queried via SNMPv3 in a secure way.

We need to install the package we need:
yum install net-snmp
We create our user. SHA1 is used for the authentication and AES for the encryption of the traffic. And for security it is important to use two separated passwords.
service snmpd stop
net-snmp-create-v3-user -ro -A snmpv3authPass -a SHA -X snmpv3encPass -x AES snmpv3user
service snmpd startThis will print something like thisadding the following line to /var/lib/net-snmp/snmpd.conf:
createUser snmpv3user SHA "snmpv3authPass" AES snmpv3encPass
adding the following line to /etc/snmp/snmpd.conf:
rouser snmpv3user

Secure the SNMP daemon with a host firewall and only allow requests from source IP addresses you know and which need to query the system.
Verify that everything works with following command:
snmpwalk -u snmpv3user -A snmpv3authPass -a SHA -X snmpv3encPass -x AES -l authPriv 127.0.0.1 -v3
So as you see it is quite easy, so there is now reason to use anything less secure!

If you want to delete the user, just edit the two files mentioned above. In /etc/snmp/snmpd.conf delete the line rouser snmpv3userand in /var/lib/net-snmp/snmpd.conf look for a line like this and remove it:

usmUser 1 3 0x80001f88801e15113fbf17bf5100000000 0x736e6d7076337573657200 0x736e6d7076337573657200 NULL .1.3.6.1.6.3.10.1.1.3 0xaaa3bc2aa941d932a581bbb11956699a7d807238 .1.3.6.1.6.3.10.1.2.4 0xcd6eed84f9d1aa903e92162f0e3fcb26 ""

restart the daemon with service snmpd restart and the user is gone.

# date
Thu Aug 27 02:49:26 AZST 2015

more
Standard

Motorola XT907 & XT926 GSM Unlock tutorial

By On In Android 1 min read

Hi

Reposting source from XDA

In the beginning wound like to share my experience with Motorola QC Drivers on Win 7 & Win 7 x64.

On the 32 drivers installed successfully and I was able to connect to “COM8” thru CDMA Workshop

On x64 I had to play with drivers manually…you can always search for solution in the Internet :)

 

Thanks again to dragonhart6505 from XDA!!!

 

 

1: get the Motorola QC Diagnostics driver to install. hard with Win7 x64, but be diligent it does work.
2: boot your XT907/XT926 into BP Tools mode (Vol Up and Down + Power, scroll down to BP Tools hit Vol Up)
3: connect to your computer
4: open CDMA WS 2.7 or higher
5: connect to your COM Port and press CONNECT
6: click the SECURITY tab and enter 000000 as SPC and click SEND
7: click the MAIN tab and click READ *dunno if you need to but I did for safe measure*
8: click the MEMORY tab and select READ under NV ITEMS. dismiss the SPC prompt
9: First Item to read is 8322. Last Item to read is 8323. click SAVE and name the .txt file whatever you want, just remember where you put it
10: open the .txt file you just saved and under 8322 you will see 01 00 00 00 00 etc. change 01 to 00 and save the .txt file. DONT CHANGE 8323!!!
11: back in CDMA WS click WRITE under NV ITEMS. dismiss the SPC prompt again
12: find the .txt file you just edited and click OK
13: reboot the phone and put in your preferred Sim
14: in Settings go to More… under Wireless Networks and change your Network Mode to GSM/UMTS
15: SUCK IT VERIZON

I have bought 3 XT926 and 1 XT907 models on Ebay and this trick worked for me flawlessly…

 

 

 

more