1
00:00:00,560 --> 00:00:08,120
‫Simple network management protocol as an MP, as an internet standard protocol for collecting and organizing

2
00:00:08,120 --> 00:00:13,910
‫information about managed devices on IP networks and from modifying that information to change device

3
00:00:13,910 --> 00:00:14,410
‫behavior.

4
00:00:16,590 --> 00:00:22,410
‫Devices that typically support as an MP include cable modems, routers, switches, servers, printers

5
00:00:22,410 --> 00:00:24,540
‫and a lot of other devices.

6
00:00:25,640 --> 00:00:28,850
‫It uses the port one, six, one by default.

7
00:00:29,880 --> 00:00:37,020
‫It's an application layer protocol and uses both TCP or UDP protocols in transport layer.

8
00:00:39,150 --> 00:00:42,840
‫As an MP, view one is the original version of the protocol.

9
00:00:44,450 --> 00:00:52,510
‫More recent versions as an MPV to see and as an MPV three feature improvements in performance and flexibility

10
00:00:52,520 --> 00:00:53,780
‫and of course, security.

11
00:00:55,970 --> 00:01:03,710
‫If S&P service is enabled in a network device and if it's not configured in a secure manner, we're

12
00:01:03,710 --> 00:01:06,560
‫able to gather a lot of information using the service.

13
00:01:08,630 --> 00:01:15,140
‫So let's look at our router and see if the SNP service is enabled, if now will enable it and then,

14
00:01:15,320 --> 00:01:17,240
‫well, we're going to have some fun.

15
00:01:19,740 --> 00:01:26,370
‫OK, so now we are back in jeans three and all the devices are up and running.

16
00:01:27,930 --> 00:01:32,090
‫So go to the router console this right click on it and select console.

17
00:01:33,060 --> 00:01:34,920
‫The console is already open here.

18
00:01:35,490 --> 00:01:44,580
‫Now to test the S&P service type show as an MP and hit enter as an MP agent is not enabled at the moment,

19
00:01:44,580 --> 00:01:45,570
‫so let's enable it.

20
00:01:46,900 --> 00:01:53,140
‫Configured terminal, you can complete the command by pressing tab after a few initial letters, or

21
00:01:53,470 --> 00:01:57,100
‫if there's only one option with those letters, then you can use it as it is.

22
00:01:58,550 --> 00:02:03,740
‫So in a year, you can use Configure Terminal Command just like confetti.

23
00:02:05,170 --> 00:02:09,970
‫As an MP server enabled traps to enable S&P Trap.

24
00:02:10,900 --> 00:02:17,050
‫Let me just tell you that as an MP, traps are alert messages sent from a remote as an MP enabled device

25
00:02:17,050 --> 00:02:21,310
‫to a central collector or the SNP manager, right?

26
00:02:22,150 --> 00:02:26,200
‫A trap might tell you that a device is overheating, for example.

27
00:02:28,480 --> 00:02:35,530
‫This will be enough to enable S&P service, so type end to exit from the configuration mode and again

28
00:02:35,530 --> 00:02:38,230
‫type show S&P and hit enter.

29
00:02:38,320 --> 00:02:41,620
‫And look at that yes and no service is enabled now.

30
00:02:43,340 --> 00:02:45,530
‫So you'll see a brief summary of the service.

31
00:02:47,860 --> 00:02:51,670
‫Now we should be able to identify as an MP, community strings.

32
00:02:52,480 --> 00:02:59,710
‫The SNMP community string is like a user ID or password that allows access to a routers or some other

33
00:02:59,710 --> 00:03:01,050
‫devices statistics.

34
00:03:03,340 --> 00:03:10,630
‫As an MP, community strings are used only by devices which support as an MP version one and as an MP

35
00:03:10,630 --> 00:03:18,460
‫version to see protocol as an MP three uses username password authentication along with an encryption

36
00:03:18,460 --> 00:03:18,790
‫key.

37
00:03:20,770 --> 00:03:23,380
‫So once again, enter the Configure Terminal mode.

38
00:03:24,740 --> 00:03:34,460
‫Type in as an MP server community in anywhere the command in just put a question mark to get help about

39
00:03:34,460 --> 00:03:35,210
‫what's expected.

40
00:03:36,290 --> 00:03:42,320
‫So here it waits for the community name, so says Use Public, which is a commonly used name for Read-Only

41
00:03:42,320 --> 00:03:46,970
‫communities unless the community type R0 for Read-Only.

42
00:03:48,710 --> 00:03:53,600
‫So now that we're on a roll, let's create another community with a right privilege this time.

43
00:03:55,060 --> 00:03:57,100
‫Well, the name be private.

44
00:03:58,550 --> 00:04:04,610
‫And I'll put a question mark here to see the options, and we chose our over the previous community.

45
00:04:04,640 --> 00:04:08,720
‫Now let's use R.W. to give community the right access.

46
00:04:10,520 --> 00:04:16,040
‫And to say that configuration mode and you are to save that configuration.

47
00:04:17,790 --> 00:04:21,870
‫Now, let's go back to Khalid Atassi as an MP service.

48
00:04:23,520 --> 00:04:30,180
‫So there's already a terminal screen inside my Carly, and here there's an end map query to query the

49
00:04:30,180 --> 00:04:34,080
‫most used ports, including the SNP default port 161.

50
00:04:35,220 --> 00:04:42,660
‫The query was run before we enable the SNP service, but as you see, yes, an MP was closed then,

51
00:04:43,050 --> 00:04:44,910
‫so that's around the query again.

52
00:04:45,840 --> 00:04:48,180
‫Call the same query by clicking the up arrow.

53
00:04:48,330 --> 00:04:51,870
‫Here it is, the target IP and the ports to scan.

54
00:04:53,170 --> 00:04:54,070
‫So on this query.

55
00:04:54,400 --> 00:04:58,420
‫S Capital S identifies the scan type as a sin scan.

56
00:04:59,230 --> 00:05:01,810
‫It's a scan type to scan TCP ports.

57
00:05:02,860 --> 00:05:07,840
‫O is for OHS detection as Capital V is for version detection.

58
00:05:08,230 --> 00:05:12,280
‫Reason is to see the reason why the port is signed as open or closed.

59
00:05:12,670 --> 00:05:14,500
‫Now press enter to run the query.

60
00:05:18,300 --> 00:05:27,510
‫Well, look at that the Port 161 is supposed to be open, but it's not OK, I know the reason we scanned

61
00:05:27,510 --> 00:05:33,000
‫the TCP ports, but as an MP uses the UDP ports in general.

62
00:05:33,540 --> 00:05:37,710
‫So if we scan the UDP port one six one, we'll see that it's open.

63
00:05:38,870 --> 00:05:39,150
‫OK.

64
00:05:39,470 --> 00:05:42,950
‫We'll scan the Port UDP one, six one in the next lecture.