Summary

We've now seen two simple programs that were used to interact with the Windows NT/2000 SNMP agents . Written in Visual C++ and Java, respectively, these programs provide what might be considered the low-level bricks or widgets that can be brought together to form a more complex product. The latter could in turn be built upon to become an NMS. The choice of programming languages was driven by considerations such as multiplatform support (Visual C++ is restricted to Windows, Java is multiplatform ), the version of SNMP that can be used, and so on. It is surprisingly straightforward to produce such software programs. Once written, the two example programs can be combined using the target SNMP agent as a type of programming language-independent traffic cop; for example, set the C++ program to receive traps, then send a bad getRequest from the Java program, and the agent will send an authentication failure trap message to the C++ program. In effect, the agent is indifferent to the sending program just as long as the messages it receives conform to the SNMP protocol.

We saw a security violation caused by the use of an incorrect community string. The receiving agent discards the message and emits an authentication failure trap. The manager should not then resend the erroneous message because the same failure will occur. In a sense, this could be construed as a type of unintentional attack on the agent.

The example programs can be extended and made into more complex NMS components that use, for example, database services and a multiclient GUI. An important design goal is providing support for SNMPv3 ”JDMK allows this.