Jump to content

SNMP problem on ERA 6.3.136


przemocf
 Share

Recommended Posts

Hi all,

I have a WS server running ESET File Security and ERA, I collect some statistics via SNMP, whenever I try to scan OID tree (run "walk") of server the SNMP client always get stuck (print error and ends scan) at node: 1.3.6.1.4.1.29171.2.2.0 .

Here is result of snmpwalk from debian linux - for windows snmp clients they thrown error at this node too.

user@DEB:~$ snmpwalk -v2c -On -c securePublic 10.0.3.3 .1.3.6.1.4.1.29171
.1.3.6.1.4.1.29171.2.1.0 = STRING: "ESET, spol. s.r.o."
.1.3.6.1.4.1.29171.2.2.0 = STRING: "6.0.993.0"
Error in packet.
Reason: (genError) A general failure occured
Failed object: .1.3.6.1.4.1.29171.2.2.0

 

I think, the problem is with the snmp module from ERA that is being registered in windows in SNMP service...

 

Here is my version-info:

******** ERA ver.:
ESET Remote Administrator (Server), Version 6.3.136.0
ESET Remote Administrator (Web Console), Version 6.3.114.0

Microsoft Windows Server 2008 R2 Standard (64-bit), Version 6.1.7601 Service Pack 1
******** Installed on server:
ESET Remote Administrator Agent 6.3.136.0
ESET File Security 6.3.12006.0
ESET Rogue Detection Sensor 1.0.1049.0
ESET Remote Administrator Server 6.3.136.0

 

I can provide packet capture from Wireshark too for ESET tech.

 

Ps. It took me a bit of time to find the ESET MIB - so for others that are looking for it :) , it's here: C:\Program Files\ESET\RemoteAdministrator\Server\ESET_RAS.mib

Link to comment
Share on other sites

  • ESET Staff

Is it possible to configure snmpwalk so that it will be more verbose/more specific of where problem is? This format of SNMP notification has been used by ESET for many years and I don't remember any similar issue reported. Is there any obvious problem visible in wireshark capture in comparisson with other SNMP traps?

I would recommend to open support ticket, as this issie seems to require someone skilled with SNMP. Please attach also mentioned wireshark capture so that it can be analysed.

Link to comment
Share on other sites

Hello,

There is not much more to "debug" in snmpwalk (on linux ,and snmpb on windows) . In

I 'll try to update the FS and ERA console to latest available.

 

Here is a screenshot of this "error packet" from wireshark:

wireshark-eset-snmp-packet-error.thumb.jpg.f489cff8505617cf9d0afefa676f229f.jpg

Link to comment
Share on other sites

Guest
This topic is now closed to further replies.
 Share

  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...