Windows 10 SNMP service not responding - windows

I'm trying to get my head around SNMP for a project I'm working on. After I failed miserably getting it to work in my company's network, I set up a simple 3-device network to test things on, consisting of two Windows 10 PCs and a manageable switch between them.
I installed the optional feature "SNMP" on both PCs, made sure the service is running correctly and configured both services to accept SNMP queries from each other. I made sure to open up UDP port 161 in both PCs firewalls. Then I got the Net-SNMP binaries in order to use SNMPGET and SNMPWALK. As an alternative, I set up the SNMP extension for PHP through xampp (since I want to use PHP in my project once I get SNMP to work). Finally, I installed wireshark to monitor what exactly is going on and this is what I found:
When I try SNMPGET or SNMPWALK either through cmd or as a PHP command, I always get a timeout message. Wireshark is showing the get-next-request leaving one PC and arriving correctly on the other, so the network connection itself is working fine. But the receiving PC never sends a response. As I said, I'm pretty new to SNMP and I'm at a loss as to why this is happening. As I understand it, the optional feature for Windows 10 comes with its own SNMP agent, correct? If so, what could cause it to simply ignore an incoming request from a valid source IP?
The funny thing is that this even happens when I try to send an SNMP query to 127.0.0.1. I have no idea what I'm doing wrong...

Thanks to the comment of Lex Li, I was able to finally figure out which step I made a mistake with:
When setting up the SNMP service, under the security tab, I had to add 'public' as an accepted community name (with READ-ONLY rights). I figured since 'public' is sort of the standard read-only community, it would be accepted by default, which apparently it is not.
Alternatively, I guess I could have added my own communtiy name, but I didn't try that since I only want to read some values through SNMP anyways and read-only access is all I need for that.
Thank you very much Lex Li, I'm off to continue my project now!

Related

Golang `pions` lib example issue

I've just started experimenting with WebRTC with Go and downloaded pions/webrtc library but I'am stuck with it's data-channels example.
As it written in docs I opened jsfiddle client example.
Then I'am running go run main.go command in the /go/src/github.com/pions/webrtc/examples/data-channels folder on my server to launch data-channel.
After that I copy Browser base64 Session Description from jsfiddle example and paste it into my terminal where data-channels go script is running and it generates Golang base64 Session Description code which I paste into jsfiddle example and then press Sart session button.
And it fails to establish connection :(
This is my jsfiddle example for client side:
And this is my server side go script:
What am I doing wrong?
Thanks for using pion-WebRTC (I am one of the developers!)
WebRTC uses a technology called ICE to allow peers to talk to each other. Two peers exchange IP addresses via the SDP (the text you pasted) then they attempt to communicate by sending small UDP packets between each other. Once two IP addresses successfully communicate via ICE the rest of the WebRTC steps can continue. For you this process is failing. I don't know how/why though. Firewalls, VPNs etc... all can cause problems.
You will have to debug and check different scenarios. I would try running the examples on your local PC. If that works then maybe try between a different server. A good tool to help here also is tcpdump that can show if UDP packets are arriving. I usually use tcpdump -i any udp and inbound
We also recently added IPv6 support, so might be worth trying from master and see if that helps at all! Hopefully this helps, but if you are still having issues feel free to ask more questions. We are also all available via our Slack Channel you can sign up here here and would be more then happy to chat!
I met similar problem, and I solved by
echo $BROWSER_SDP | ./main
BROWSER_SDP is the session description in your browser, main is the exe by go build main.go(you can rename exe by mv). This can make sure transfer SDP to the server, which is really important.
The detail

ARP request are sent even though Windows has an entry in cache (ARP Table)

We have a product that runs Windows XP Embedded SP1. We configure a fake (does not exist) MAC address for a fake IP in the ARP table. When there is a communication happening, Windows sends packets to the fake MAC and fakeIP and later we change it to real ones in a driver.
This is how the software is designed.
The problem is that sometimes Windows starts sending ARP requests for the fake IP even though it has an entry for it in the ARP table. I had no clue why this was happening and, in blind attempt to reproduce the issue, I wrote a script to delete ARP entry then add it again after some seconds. After some attempts, I saw the problem happening.
Any ideas about what should I check/change?
Can you Check the Ethernet Frame MAC Addresses in both cases, in the case where there is an entry and when there is no entry in the arp cache.
Additionally, Check your code, I think you will find some reference to the FAKE IP address inside your code (that you might have forgot to change)
There are many application layer protocols that require the use of ARP prior to their commmunication, So I think maybe you're using one of these protocols in your code and you instruct the code to communicate with the fake IP address, that's why when you invoke this protocol it uses arp to find the mac address of the fake IP.
Let me know if this answers your question.

Get MAC address

How do I know visitor's MAC address on linux hosting (nginx)?
From ethernet user.
Thanks.
You cannot get that through PHP.
Networks protocol are used in a stack. When doing HTTP communications, your web server uses the HTTP protocol, responsible for the high-level communications. This protocol is implemented on the top of the TCP protocol (which brings stream-like connections and port numbers), which in turn is implemented on the top of the IP protocol (v4 or v6, which bring IP addresses for identification), which in turn is implemented on the top of the Ethernet protocol.
The Ethernet protocol is the one you would need to work with. It has both the source MAC address and the destination MAC address. However, most unfortunately, there are a lot of problems with it.
First, the data it conveys is probably hard to access: I say "probably" because I never stumbled upon how to do it.
Second, much like you get your client's router address when they access your site, you get your client's router MAC address at the Ethernet level. Unless they don't traverse any router (which would only happen if your server was directly wired to your client machine without any router interfering, because there are a whole lot of routers out there that relay data to other parts of the Internet), there is no chance that the MAC address you'll receive will be your client's.
Third, Apache will never try to access that data. And since PHP is "sandboxed" into the network environment Apache gives it, there is no way you can wind back to the Ethernet protocol.
So accessing the MAC address of a visitor from a website, from PHP, is not possible.
EDIT Seems you've taken out the PHP part from your question. So obviously, the last point won't stand anymore.
You can't get that with php it's not included in http
The more general question is this one. Since all PHP has to work with (I'm assuming this is PHP running on your webserver, here) is the HTTP request, you won't be able to get the MAC address. That requires something running on the visitor's side.
This may, or may not work. I know it will work on LAN clients, however for external clients it may be incorrect. I don't overly know my networking, but it's worth a shot right?
If you execute the arp -a command on either windows or linux, it will print out your arp records, which you can then parse for the mac.
Other than that, as far as I know, apache (and therefor php) doesn't just give out mac addresses in its env vars.
*Edited: Sorry, that won't work... The better utility is arping however that will just give you the mac of your router.
If you want to do this, clients will need to be directly connected to your server, with no router in between...
However if that is the case, then arping will work... I don't know of a better tool, but it seems a bit wasteful to do a ping (in root) for just a mac address.
The mac address is only visible on for the network provider if i'm correct (your internet host can see the mac address of your router for example), don't think you can get it with php.

TCP: Address already in use exception - possible causes for client port? NO PORT EXHAUSTION

stupid problem. I get those from a client connecting to a server. Sadly, the setup is complicated making debugging complex - and we run out of options.
The environment:
*Client/Server system, both running on the same machine. The client is actually a service doing some database manipulation at specific times.
* The cnonection comes from C# going through OleDb to an EasySoft JDBC driver to a custom written JDBC server that then hosts logic in C++. Yeah, compelx - but the third party supplier decided to expose the extension mechanisms for their server through a JDBC interface. Not a lot can be done here ;)
The Symptom:
At (ir)regular intervals we get a "Address already in use: connect" told from the JDBC driver. They seem to come from one particular service we run.
Now, I did read all the stuff about port exhaustion. This is why we have a little tool running now that counts ports and their states every minute. Last time this happened, we had an astonishing 370 ports in use, with the count rising to about 900 AFTER the error. We aleady patched the registry (it is a windows machine) to allow more than the 5000 client ports standard, but even then, we are far far from that limit to start with.
Which is why I am asking here. Ayneone an ide what ELSE could cause this?
It is a Windows 2003 Server machine, 64 bit. The only other thing I can see that may cause it (but this functionality is supposedly disabled) is Symantec Endpoint Protection that is installed on the server - and being capable of actinc as a firewall, it could possibly intercept network traffic. I dont want to open a can of worms by pointing to Symantec prematurely (if pointing to Symantec can ever be seen as such). So, anyone an idea what else may be the cause?
Thanks
"Address already in use", aka WSAEADDRINUSE (10048), means that when the client socket prepared to connect to the server socket, it first tried to bind itself to a specific local IP/Port pair that was already in use by another socket, either an active one or one that has been closed but is still in the FD_WAIT state. This has nothing to do with the number of ports that are available.
I'm having the same issue on a Windows 2000 Server with a .Net application connecting to a SQL Server 7.0. There's like 10 servers with the same configuration and only one is showing this error several times a day. With a small test program I'm able to reproduce the error by just establishing a TCP connection on the SQL Server listening port. Running CurrPorts (http://www.nirsoft.net/utils/cports.html) shows there's still plenty of available ports in range 1024-5000.
I'm out of ideas and would like to know if you've found a solution since you've posted your question.
Edit : I finally found the solution : a worm was present on the server (WORM_DOWNAD.A) and exhausted local ports without being noticed.

Redirect Traffic from NIC to Another NIC On Separate Networks While Using Remoting

The project I'm working on is to handle data capture from scan guns (Pocket PC 2003) and process this data on a host (Win XP) then into our inventory database on a separate server (Win 2000). This is all driven by the Remoting framework provided by MS and As Good As It Gets (http://gotcf.net). The application is complete enough for a general proof of concept with both the client and server working properly while in the emulator.
All is well until I began to test using actual scan guns. Due to security concerns, the scanners are on a separate network (for clarification the 10 network) than the server (the 15 network). My development machine has dual NIC connected to both networks and can communicate with both independently. However, I am having issues with my application receiving information from the 10 network using .Net Remoting, and then sending out information to the server on the 15 network via a third party app (Combination of ODBC, Btrieve, and OLE).
Is there anyway to process information from one network then update the server on another?
Any suggestions will be greatly appreciated!
Note: I'm not very familiar with networking, thus I may be calling it the wrong name but the gun IP's start with 10...* and the server IP's start with 15...*
So long as the computer's routing table is properly configured, you shouldn't have to worry about this from your application. So long as you're using the proper IP addresses, the networking stack should take care of delivering things to the right place.
You might want to check the output of "route print" (at least I think that was available on WinXp -- if not, someone else will likely post the correct command for XP soon). In any way, you should see what network destinations are configured for which interfaces. You'll need to make sure that the server's IP on the 15 network will properly route via the interface you want (ie. the lowest-cost matching destination/netmask lists your 15 interface).
The issue seems to stem from both the NIC cards not set up properly and a so far unresolved issue with the frameworks I've chosen.
To solve the NIC problem, the easiest solution I'd found had me clear the default gateway on the 10 network.
The other issue deals with recreating the remoting objects after they've been destroyed. I currently have to warm boot the scanner in order to re-connect to the host. In order to correct this issue I'm going to contact As Good As It Gets to see what their input is. Damn firewall

Resources