154 One other problem with tkined is that it uses a single community string when talking with devices. This can be changed with Set SNMP Parameters, which is available on several menus. But if you are using different community strings within your network or prefer using read-only strings most of the time but occasionally need to change something, changing the community string can be a nuisance. Overall, these few problems seem to be minor inconveniences for an otherwise remarkably useful program. The program has a number of additional features—such as sending reports to the syslog system—that were not discussed here. You should, however, have a pretty good idea of how to get started using tkined from this discussion.

7.3 Non-SNMP Approaches

Of course, SNMP is not the only way to retrieve information or monitor systems. For example, a number of devices now have small HTTP servers built in that allow remote configuration and management. These can be particularly helpful in retrieving information. With Unix, it is possible to remotely log on to a system using telnet or ssh over a network connection and reconfigure the host. There is probably very little I can say about using these approaches that you dont already know or that isnt obvious. There is one thing that you undoubtedly know, but that is all too easy to forget—dont make any changes that will kill your connection. [4] [4] One precaution that some administrators use is connecting the console port of crucial devices to another device that should remain reachable—a port on a terminal server, a modem, or even a serial port on a nearby server. If you take this milking-machine approach, be sure this portal is secure. Some remote-access programs provide a greater degree of control than others. In a Microsoft Windows environment, where traditionally there is only one user on a system, a remote control program may take complete control of the remote system. On a multiuser system such as a Unix-based system, the same software may simply create another session on the remote host. Although these programs are not specifically designed with network management in mind, they work well as management tools. While these approaches will allow you to actively retrieve information or reconfigure devices, the remote systems are basically passive entities. There are, however, other monitoring tools that you could consider. Big Brother bb is one highly regarded package. It is a web-based, multiplatform monitor. It is available commercially and, for some uses, noncommercially.

7.4 Microsoft Windows

SNMP is implemented as a Win32 service. It is available for the more recent versions of Windows but must be installed from the distribution CD-ROM. Installation and setup is very straightforward but varies from version to version.

7.4.1 Windows SNMP Setup

With NT, SNMP is installed from the Network applet under the Control Panel. Select Add under the Services tab, then select SNMP Services from the Select Network Service pop-up box. You will then be prompted for your distribution CD-ROM. Once it is installed, a pop-up box called Microsoft 155 SNMP Properties will appear. You use the three tabs on this box to configure SNMP. The Agent tab is used to set the contact and location. The Traps tab is used to set the Community name and address of the management station that will receive the traps. Use the Add button in the appropriate part of the box. The Security tab is used to set the community strings, privileges, and addresses for the management stations. Be sure to select the radio button Accept SNMP Packets for These Hosts if you want to limit access. If you experience problems running SNMP, try reinstalling the latest service pack from Microsoft. Installation with Windows 98 is similar, but at the Select Network Service prompt, you must click Have Disk. The SNMP agent can be found in the \Tools\Reskit\Netadmin\SNMP\ directory on the installation disk. SNMP is not included with the original distribution of Windows 95 but can be installed from the Resource Kit or downloaded from Microsoft. On later releases, it can be found on the distribution disk in \Admin\Ntools\SNMP. With Windows 2000, instead of using the Network applet, you will use the AddRemove Programs applets. Select AddRemove Windows Components. From the Windows Components Wizard, select Management and Monitoring Tools. Click on Next to install SNMP. To configure SNMP, start the Administrative Tools applet, and select Services and then SNMP Services. Youll be given more choices, but you can limit yourself to the same three tabs as with Windows NT. For further details on installation and configuration of SNMP on Windows platforms, look first to the Windows help system. You might also look at James D. Murrays Windows NT SNMP.

7.4.2 SNMP Tools

NET SNMP is available both in source and binary form for Windows. With the binary version I downloaded, it was necessary to move all the subdirectories up to C:\usr to get things to work. Although the program still needs a little polish, it works well enough. As noted in Chapter 6 , tkined is also available under Windows. One very nice freeware program for Windows, written by Philippe Simonet, is getif. This provides both SNMP services as well as other basic network services. It is intuitively organized as a window with a tab for each service. To begin using getif, you must begin with the Parameters tab. You identify and set the community strings for the remote host here. Having done this, clicking on Start will retrieve the basic information contained in the system group. This is shown in Figure 7-14 . Even if you know this information, it is a good idea to get it again just to make sure everything is working correctly. Figure 7-14. getif Parameters tab 156 Once this has been done, many of the other services simply require selecting the appropriate tab and clicking on Start. For example, you can retrieve the devices interface, address, routing, and ARP tables this way. The Reachability tab will allow you to send an ICMP ECHO_REQUEST and will also test if several common TCP ports, such as HTTP, TELNET, SMTP, and so on, are open. The Traceroute tab does both a standard ICMP traceroute and an SNMP traceroute. An SNMP traceroute constructs the route from the route tables along the path. Of course, all the intervening routers must be SNMP accessible using the community strings set under the Parameters tab. The NSLookup tab does a name service lookup. The IP Discovery tab does simple IP scanning. The MBrowsertab provides a graphical interface to NET SNMP. This is shown in Figure 7-15 . In the large pane in the upper left, the MIB tree is displayed. You can expand and collapse subtrees as needed. You can select a subtree by clicking on its root node. If you click on Walk, all readable objects in the subtree will be queried and displayed in the lower pane. You can also use this display to set objects. Figure 7-15. getif MBrowser tab 157 The Graph tab will be discussed in Chapter 8 .

7.4.3 Other Options