Structure of Management Information (SMI)


SMI defines the structure of the MIB information and the allowable data types. The SMI identifies how resources within the MIB are represented and named.

The philosophy behind SMI is to encourage simplicity and extensibility within the MIB.

The SNMP specification includes a template, known as an Abstract Syntax Notation One (ASN.1) OBJECT TYPE macro, which provides the formal model for defining objects and tables of objects in the MIB.

Several data types are allowed in SMI. The primitive data types consist of INTEGER, OCTET STRING, NULL, and OBJECT IDENTIFIER.

Primitive data types are written in uppercase, while user-defined data types start with an uppercase letter but contain at least one character other than an uppercase letter.

An OBJECT IDENTIFIER is represented as a sequence of nonnegative integers where each integer corresponds to a particular node in the tree.

This data type is used to identify a managed object and to relate its place in the object hierarchy.


Management Information Base (MIB)

MIBs are a collection of information organized hierarchically which define the properties of the managed object within the device to be managed (such as a router, switch, etc.)

Each managed device keeps a database of values for each of the definitions written in the MIB. As such, it is not actually a database but implementation dependent.

Each vendor of SNMP equipment has an exclusive section of the MIB tree structure under their control and these are accessed using a protocol such as SNMP.

There are two types of MIBs: scalar and tabular. Scalar objects define a single object instance whereas tabular objects define multiple related object instances grouped in MIB tables.

The following keywords are used to define a MIB object:

Syntax:- Defines the abstract data structure corresponding to the object type. The SMI purposely restricts the ASN.1 constructs that can be used to promote simplicity.

Access:- Defines whether the object value may only be retrieved but not modified (read-only) or whether it may also be modified (read-write).

Description:- Contains a textual definition of the object type. The definition provides all semantic definitions necessary for interpretation; it typically contains information of the sort that would be communicated in any ASN.1 commentary annotations associated with the object.


MIB Object Identifiers

Each object in the MIB has an object identifier (OID), which the management station uses to request the object's value from the agent.

An OID is a sequence of integers that uniquely identifies a managed object by defining a path to that object through a tree-like structure called the OID tree or registration tree. When an SNMP agent needs to access a specific managed object, it traverses the OID tree to find the object.

The MIB object identifier hierarchy and format is shown in the above figure.
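The OID tree walk and the Syntax and Access keywords described above can be seen together in a small in-memory model. This is an added example, not part of the original notes: the object names and OIDs are the standard MIB-II ones (sysDescr, sysName, ifDescr), while the stored values and the helper names register, resolve, snmp_get and snmp_set are constructed for illustration.

```python
from dataclasses import dataclass, field

@dataclass
class Node:
    name: str
    syntax: str = ""   # SYNTAX keyword; empty for branch nodes that hold no value
    access: str = ""   # ACCESS keyword: "read-only" or "read-write"
    children: dict = field(default_factory=dict)   # arc (int) -> Node
    instances: dict = field(default_factory=dict)  # instance suffix -> value

ROOT = Node("root")

def register(oid, names, syntax="", access=""):
    """Create the tree path for a dotted OID; the last node is the object type."""
    node = ROOT
    for arc, name in zip(map(int, oid.split(".")), names):
        node = node.children.setdefault(arc, Node(name))
    node.syntax, node.access = syntax, access
    return node

def resolve(oid):
    """Walk the tree one arc at a time; return (object, instance suffix, named path)."""
    arcs = [int(a) for a in oid.split(".")]
    node, path = ROOT, []
    for i, arc in enumerate(arcs):
        if arc not in node.children:
            if not node.syntax:          # ran off the tree before reaching an object
                raise KeyError(f"no such object: {oid}")
            return node, tuple(arcs[i:]), ".".join(path)
        node = node.children[arc]
        path.append(node.name)
    return node, (), ".".join(path)

def snmp_get(oid):
    node, inst, _ = resolve(oid)
    return node.instances[inst]          # KeyError if the instance does not exist

def snmp_set(oid, value):
    node, inst, _ = resolve(oid)
    if node.access != "read-write":      # enforce the ACCESS keyword on writes
        raise PermissionError(f"{node.name}: not writable")
    if inst not in node.instances:
        raise KeyError(f"no such instance: {oid}")
    node.instances[inst] = value

# Standard MIB-II names and OIDs; the stored values are constructed sample data.
MIB2 = ["iso", "org", "dod", "internet", "mgmt", "mib-2"]
register("1.3.6.1.2.1.1.1", MIB2 + ["system", "sysDescr"], "DisplayString", "read-only").instances[(0,)] = "lab router"
register("1.3.6.1.2.1.1.5", MIB2 + ["system", "sysName"], "DisplayString", "read-write").instances[(0,)] = "rtr1"
register("1.3.6.1.2.1.2.2.1.2", MIB2 + ["interfaces", "ifTable", "ifEntry", "ifDescr"],
         "DisplayString", "read-only").instances.update({(1,): "eth0", (2,): "eth1"})
```

Scalar objects have the single instance suffix .0, while the tabular ifDescr column has one instance per table row; a write to the read-only sysDescr.0 is refused before any value changes.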

RMON (Remote Network Monitoring)

RMON provides standard information that a network administrator can use to monitor, analyze, and troubleshoot a group of distributed local area networks (LANs) and interconnecting T-1/E-1 and T-2/E-3 lines from a central site.

RMON specifically defines the information that any network monitoring system will be able to provide.

The latest level is RMON Version 2 (sometimes referred to as "RMON 2" or "RMON2"). RMON can be supported by hardware monitoring devices (known as "probes") or through software or some combination. A software agent can gather the information for presentation to the network administrator with a graphical user interface. A number of vendors provide products with various kinds of RMON support.

RMON collects nine kinds of information, including packets sent, bytes sent, packets dropped, statistics by host, by conversations between two sets of addresses, and certain kinds of events that have occurred.

A network administrator can find out how much bandwidth or traffic each user is imposing on the network and what Web sites are being accessed. Alarms can be set in order to be aware of impending problems.

What is Network Security?

Security refers to techniques for ensuring that data stored in a computer cannot be read or compromised by any individuals without authorization. Most security measures involve data encryption and passwords. Data encryption is the translation of data into a form that is unintelligible without a deciphering mechanism. A password is a secret word or phrase that gives a user access to a particular program or system.

Passive - An attack such as listening to communications and then attacking the encryption scheme offline.


• Attempt to learn or make use of information from the system but do not affect system resources
• Two types:
  Release of message contents
  ex: telephone conversation, sensitive info in the form of a file, etc.
  Traffic analysis
  Pattern analysis
• Difficult to detect, so emphasis on prevention rather than detection

Active - A common attack of this type is the man in the middle attack. During this attack the attacker may try to convince the victim that they are communicating with another party when they are really communicating with the attacker. The attacker may use the attack to gain passwords or other vital information.

• Attempt to modify data stream or create a false stream.
• Easy to detect but difficult to prevent.
• Types:
  Masquerade - impersonating by replay of valid authentication sequence.
  Replay - capture data unit and use it in retransmissions to produce unauthorized effect.
  Dictionary attack - A means of attacking a system to determine passwords from hashed or encrypted passwords.