1
00:00:00,530 --> 00:00:07,610
Simple network management protocol as an MP, it's an Internet standard protocol for collecting and

2
00:00:07,610 --> 00:00:13,580
organizing information about managed devices on IP networks and for modifying that information to change

3
00:00:13,580 --> 00:00:14,420
device behavior.

4
00:00:16,590 --> 00:00:22,440
Devices that typically support as an MP include cable modems, routers, switches, servers, printers

5
00:00:22,440 --> 00:00:24,590
and a lot of other devices.

6
00:00:25,640 --> 00:00:28,880
It uses the port one six one by default.

7
00:00:29,880 --> 00:00:37,020
It's an application layer protocol and uses both TCP or UDP protocols in transport layer.

8
00:00:39,120 --> 00:00:42,870
As an MP, this one is the original version of the protocol.

9
00:00:44,450 --> 00:00:51,680
More recent versions as an MPV to see and as an MPV, three feature improvements in performance and

10
00:00:51,680 --> 00:00:53,810
flexibility and of course, security.

11
00:00:55,970 --> 00:01:03,740
If S&P service is enabled in a network device and if it's not configured in a secure manner, we're

12
00:01:03,740 --> 00:01:06,590
able to gather a lot of information using the service.

13
00:01:08,630 --> 00:01:15,670
So let's look at our router and see if the SNP services enabled, if now will enable it and then, well,

14
00:01:16,340 --> 00:01:17,270
we're going to have some fun.

15
00:01:19,680 --> 00:01:26,400
OK, so now we are back in three and all the devices are up and running.

16
00:01:27,900 --> 00:01:34,470
So go to the router, console this right, click on it and select console, the console is already open

17
00:01:34,470 --> 00:01:44,280
here now to test the SNP service type show as an MP and hit enter as an agent is not enabled at the

18
00:01:44,280 --> 00:01:44,610
moment.

19
00:01:44,610 --> 00:01:45,510
So let's enable.

20
00:01:46,900 --> 00:01:53,170
Configured terminal, you can complete the command by pressing tab after a few initial letters, or

21
00:01:53,470 --> 00:01:57,130
if there's only one option with those letters, then you can use it as it is.

22
00:01:58,550 --> 00:02:03,740
So in your ear, you can use configure terminal command, just like Konforti.

23
00:02:05,140 --> 00:02:10,000
S&P server enabled traps to enable S&P trap.

24
00:02:10,930 --> 00:02:17,080
Let me just tell you that as an MP, traps are alert messages sent from a remote as an MP enabled device

25
00:02:17,080 --> 00:02:21,320
to a central collector or the S&P manager, right.

26
00:02:22,090 --> 00:02:26,230
A trap might tell you that a device is overheating, for example.

27
00:02:28,480 --> 00:02:35,530
This will be enough to enable S&P service so type end to exit from the configuration mode and again

28
00:02:35,530 --> 00:02:41,650
type show S&P and hit enter and look at that, the S&P service is enabled now.

29
00:02:43,340 --> 00:02:45,560
So you'll see a brief summary of the service.

30
00:02:47,860 --> 00:02:55,060
Now, we should be able to identify as an MP community string's, the S&P community string is like a

31
00:02:55,060 --> 00:03:01,060
user ID or password that allows access to a routers or some other devices statistics.

32
00:03:03,340 --> 00:03:11,650
S&P community strings are used only by devices which support S&P Version one and S&P version to see

33
00:03:11,650 --> 00:03:18,790
protocol, S&P V3 uses username password authentication along with an encryption key.

34
00:03:20,770 --> 00:03:23,380
So once again, enter the configure terminal mode.

35
00:03:24,740 --> 00:03:34,220
Type in S&P server community in anywhere the command, you can just put a question mark to get help

36
00:03:34,220 --> 00:03:35,240
about what's expected.

37
00:03:36,280 --> 00:03:38,120
So here it waits for the community name.

38
00:03:38,120 --> 00:03:45,440
So Cissy's public, which is a commonly used name for Read-Only communities and less the community type

39
00:03:45,770 --> 00:03:47,000
Auro for Read-Only.

40
00:03:48,680 --> 00:03:53,600
So now that we're on a roll, let's create another community with a right privilege this time.

41
00:03:55,000 --> 00:03:57,130
Let the name be private.

42
00:03:58,550 --> 00:04:04,640
And I'll put a question mark here to see the options that we chose R.O. for the previous community.

43
00:04:04,670 --> 00:04:08,750
Now let's use RW to give community the right access.

44
00:04:10,520 --> 00:04:16,070
And to accept the configuration mode and we are to save that configuration.

45
00:04:17,790 --> 00:04:21,900
Now, let's go back to Cali, to Texas, the S&P service.

46
00:04:23,520 --> 00:04:26,680
So there's already a terminal screen inside my colleague.

47
00:04:26,700 --> 00:04:33,420
And here there's an end map query to query the most U.S. ports, including the S&P default port one

48
00:04:33,420 --> 00:04:34,110
six one.

49
00:04:35,220 --> 00:04:39,020
The query was run before we enabled the S&P service.

50
00:04:39,150 --> 00:04:42,690
But as you see, the S&P report was closed then.

51
00:04:43,050 --> 00:04:44,940
So let's run the query again.

52
00:04:45,840 --> 00:04:48,190
Call the same query by clicking the up arrow.

53
00:04:48,330 --> 00:04:51,900
Here it is, the target IP and the ports to scan.

54
00:04:53,170 --> 00:05:01,300
So on this query s capital S. identifies the scam type as a sin scam, it's a scam type to scan TCP

55
00:05:01,300 --> 00:05:07,870
ports O is for OS detection as Capital V is for version detection.

56
00:05:08,230 --> 00:05:12,340
Reason is to see the reason why the port is signed as open or closed.

57
00:05:12,670 --> 00:05:14,530
Now press enter to run the query.

58
00:05:18,300 --> 00:05:25,190
Wow, look at that, the port one sixty one is supposed to be open, but it's not OK.

59
00:05:25,200 --> 00:05:33,030
I know the reason we scanned the TCP ports, but S&P uses the UDP ports in general.

60
00:05:33,520 --> 00:05:37,740
So if we scan the UDP port one six one, we'll see that it's open.

61
00:05:38,810 --> 00:05:42,950
OK, we'll scan the Port UDP one six one in the next lecture.