?
Solved

Is there a tool to change the SNMP community string in multiple devices?

Posted on 2014-10-02
7
Medium Priority
?
249 Views
Last Modified: 2014-10-20
Hello,

We have over 500 devices - printers, network scanners, switches, routers, servers, specialized network devices, all with their default snmp community strings. We know what the strings are, and so does everyone else.

We would like to change them all in one go but lack the programming capabilities to do. Is there a tool/utility/script that can assist us in this securing exercise?

Thank you.
0
Comment
Question by:netcmh
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 3
  • 3
7 Comments
 
LVL 25

Assisted Solution

by:Ken Boone
Ken Boone earned 750 total points
ID: 40356961
Wow.  So the short answer is no.  If say you had a cisco network and were using there management tools, the old ciscoworks or the newer prime infrastructure - and the devices were already set up in the tool, then yes you could push the changes out to all the CISCO devices.   That still would leave you with printers - I'm sure various manufacturers, scanners, servers, and specialized network devices.

The only way that I know for this to be done is if you were already managing everything through a super expensive high level management tool like HP open view that worked with all of the providers management tools etc.. to push these changes out.

Its easy to monitor all of these devices, but making changes to multiple manufacturers equipment in one shot would take a very expensive and sophisticated system.
0
 
LVL 21

Author Comment

by:netcmh
ID: 40356968
Glad you brought that topic up. I'm looking for something open source or freeware.
0
 
LVL 25

Expert Comment

by:Ken Boone
ID: 40356970
BTW for switches and routers (and I am assuming we are talking about commercial level equipment not consumer stuff you get from best buy) there are several tools that you can purchase that can help you.   Solarwinds - Network Configuration Manager, Cisco Prime Infrastructure to name a few.  There is probably something else out there for pushing changes out to your windows servers.  The rest of the stuff you are probably going to have to do manually.
0
Bringing Advanced Authentication to the SMB Market

WatchGuard announces the acquisition of advanced authentication provider, Datablink, with one mission – to bring secure authentication to SMB, mid-market, and distributed enterprises with a cloud-based solution, ideal for resale via their established channel & MSSP community.

 
LVL 25

Expert Comment

by:Ken Boone
ID: 40356977
For monitoring via open source there are a ton of tools available.  I like Cacti with several of its plugging.  The easiest distribution to get up and running is cactiez.  It can be downloaded here:
http://cactiez.cactiusers.org

That is for monitoring, alerting, but its biggest feature is historical bandwidth reporting.
0
 
LVL 21

Author Comment

by:netcmh
ID: 40358138
I'm still holding out for any scripts, utilitites or tools that could help.
0
 
LVL 26

Accepted Solution

by:
Fred Marshall earned 750 total points
ID: 40360125
Ken Boone gave you a good answer.
The problem goes like this:
1) Make a list of all the devices involved.
2) Add their method of interfacing.  You will likely be using their command line interface for something like this - so list the command line interface type/language/etc.
3) For each different type of interface, you will need a script to march through the login (username and password generally required), select the needed menu item or issue the appropriate commands otherwise, get to the SNMP settings and set the String.

Unless you have one manufacturer of networked equipment throughout (which is unlikely) then you are going to have to develop the scripts for possibly each device separately! (worst case).  That's a lot of fiddling around and debugging, etc.
Better to bit the bullet and do it manually.  You'll complete the task much faster.

But, if you insist, I'd start with ExtraPuTTY and see if you can do it on at least ONE device first - i.e. automate a login with script.
0
 
LVL 21

Author Comment

by:netcmh
ID: 40391809
No solution found. Closing.
0

Featured Post

Cyber Threats to Small Businesses (Part 2)

The evolving cybersecurity landscape presents SMBs with a host of new threats to their clients, their data, and their bottom line. In part 2 of this blog series, learn three quick processes Webroot’s CISO, Gary Hayslip, recommends to help small businesses beat modern threats.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

This is the first one of a series of articles I’ll be writing to address technical issues that are always referred to as network problems. The network boundaries have changed, therefore having an understanding of how each piece in the network  puzzl…
The use of stolen credentials is a hot commodity this year allowing threat actors to move laterally within the network in order to avoid breach detection.
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
There's a multitude of different network monitoring solutions out there, and you're probably wondering what makes NetCrunch so special. It's completely agentless, but does let you create an agent, if you desire. It offers powerful scalability …
Suggested Courses
Course of the Month12 days, 11 hours left to enroll

777 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question