|
|
Suppose that the administrator notices several local connection attempts to a restricted service (such as NNTP, the USENET News Transfer Protocol) from an unknown host. The administrator can use snmpstat to gather information about that host, provided the unknown host is running SNMP.
The following example shows the commands the administrator might use.
Verifying the origin of a network connection
# snmpstat paris publicActive Internet connections Proto Local Address Foreign Address (state) tcp paris.nntp bach.CS.ESU.EDU.1021 ESTABLISHED
# snmpstat -s bach.CS.ESU.EDU
System Group Description: SNMPD VERSION 9.4.0.0 SUN 3/260 - SUNOS3.5 ObjectID: SNMP_Research_UNIX_agent.9.4.0.3 UpTime: 4 days, 15 hours, 56 minutes, 39 seconds, 74 hundredths Contact: Operations 1-999-555-1040 Name: bach.CS.ESU.EDU Location: Comp Center Services: applications, end-to-end