After announcing v1.1.5 with the new Switch Topology report, quite a few folks wrote in to ask if this feature was available in SNMPv3 environments. As of this evening, the answer is yes. To leverage SNMP v3 credentials in a Rumble scan, set the following options in the Advanced Options section of the Scan Configuration screen.

Rumble SNMP v3 Support

Depending on your environment, these settings may require some tweaking. The standard security levels of NoAuthNoPriv, AuthNoPriv, and AuthPriv map to these options as follows:

NoAuthNoPriv
  • snmp-v3-username set to a valid user
  • snmp-v3-auth-protocol set to “none”
  • snmp-v3-privacy-protocol set to “none”
AuthNoPriv
  • snmp-v3-username set to a valid user
  • snmp-v3-auth-protocol set to “md5” or “sha”
  • snmp-v3-passphrase set to the valid password for the user
  • snmp-v3-privacy-protocol set to “none”
AuthPriv
  • snmp-v3-username set to a valid user
  • snmp-v3-auth-protocol set to “md5” or “sha”
  • snmp-v3-passphrase set to the valid password for the user
  • snmp-v3-privacy-protocol set to “des” or “aes”
  • snmp-v3-privacy-passphrase set to the valid key (often hexadecimal)

The Rumble Scanner also supports SNMPv3 authentication using similar command-line options:

    --snmp-v3-auth-passphrase string      The authentication passphrase
    --snmp-v3-auth-protocol string        The authentication protocol (none, md5, sha) (default "none")
    --snmp-v3-privacy-passphrase string   The privacy passphrase
    --snmp-v3-privacy-protocol string     The privacy protocol (none, des, aes) (default "none")
    --snmp-v3-username string             The username to use for SNMP v3 authentication

These options require version 1.1.7 or newer of the Rumble Agent or Rumble Scanner.

This release also includes a number of small bug fixes for the SNMP probe and better support for CAM/MAC table enumeration of Cisco equipment.

Happy Scanning!

Similar Content

Overview Version 1.7.0 of Rumble Network Discovery is live with big updates to reporting. The Analysis Reports introduced in version 1.6.2 are now joined by a new Subnet Grid Report, linked off the main Subnets Report under the Explore menu. The Query Library has been updated with small tweaks and new built-in query for finding expired TLS certificates, supported by improvements to the scan engine. The Rumble backend has been upgraded to support our larger customers as well as all of our new Starter Edition users.
Overview Version 1.6.0 of Rumble Network Discovery is live with support for configurable scan grace periods, data retention policies, additional protocol support, enhanced fingerprint coverage, new search keywords, and much more. Scan Grace Periods Starting with the 1.3.2 release, Rumble would automatically cancel a scheduled or recurring scan if the intended agent was not available after four hours. This fixed grace period prevented scans from stacking up in the case of a slow scan or offline agent, but it didn’t work for all use cases, and this is now configurable at the scan level.
Scanning & Searching Version 1.5.0 of Rumble Network Discovery is live with updates in two major areas; wider scanning, through improved protocol support, scan engine enhancements, and more comprehensive decoders; and deeper searching, with the addition of a dozen new search filters and other enhancements to the web console. Wider Scanning Whether you use the Rumble Agent or the Rumble Scanner, the scan engine improvements in v1.5.0 make discovery more reliable, predictable, and comprehensive.