przemocf 0 Posted June 20, 2017 Posted June 20, 2017 Hi all, I have a WS server running ESET File Security and ERA, I collect some statistics via SNMP, whenever I try to scan OID tree (run "walk") of server the SNMP client always get stuck (print error and ends scan) at node: 1.3.6.1.4.1.29171.2.2.0 . Here is result of snmpwalk from debian linux - for windows snmp clients they thrown error at this node too. user@DEB:~$ snmpwalk -v2c -On -c securePublic 10.0.3.3 .1.3.6.1.4.1.29171 .1.3.6.1.4.1.29171.2.1.0 = STRING: "ESET, spol. s.r.o." .1.3.6.1.4.1.29171.2.2.0 = STRING: "6.0.993.0" Error in packet. Reason: (genError) A general failure occured Failed object: .1.3.6.1.4.1.29171.2.2.0 I think, the problem is with the snmp module from ERA that is being registered in windows in SNMP service... Here is my version-info: ******** ERA ver.: ESET Remote Administrator (Server), Version 6.3.136.0 ESET Remote Administrator (Web Console), Version 6.3.114.0 Microsoft Windows Server 2008 R2 Standard (64-bit), Version 6.1.7601 Service Pack 1 ******** Installed on server: ESET Remote Administrator Agent 6.3.136.0 ESET File Security 6.3.12006.0 ESET Rogue Detection Sensor 1.0.1049.0 ESET Remote Administrator Server 6.3.136.0 I can provide packet capture from Wireshark too for ESET tech. Ps. It took me a bit of time to find the ESET MIB - so for others that are looking for it , it's here: C:\Program Files\ESET\RemoteAdministrator\Server\ESET_RAS.mib
ESET Staff MartinK 384 Posted June 20, 2017 ESET Staff Posted June 20, 2017 Is it possible to configure snmpwalk so that it will be more verbose/more specific of where problem is? This format of SNMP notification has been used by ESET for many years and I don't remember any similar issue reported. Is there any obvious problem visible in wireshark capture in comparisson with other SNMP traps? I would recommend to open support ticket, as this issie seems to require someone skilled with SNMP. Please attach also mentioned wireshark capture so that it can be analysed.
przemocf 0 Posted June 23, 2017 Author Posted June 23, 2017 Hello, There is not much more to "debug" in snmpwalk (on linux ,and snmpb on windows) . In I 'll try to update the FS and ERA console to latest available. Here is a screenshot of this "error packet" from wireshark:
Recommended Posts