Authenticated SNMP v3 Support

November 19, 2019, by

HD Moore

After announcing v1.1.5 with the new Switch Topology report, quite a few folks wrote in to ask if this feature was available in SNMPv3 environments. As of this evening, the answer is yes. To leverage SNMP v3 credentials in a Rumble scan, set the following options in the Advanced Options section of the Scan Configuration screen.

Rumble SNMP v3 Support

Depending on your environment, these settings may require some tweaking. The standard security levels of NoAuthNoPriv, AuthNoPriv, and AuthPriv map to these options as follows:

NoAuthNoPriv

  • snmp-v3-username set to a valid user
  • snmp-v3-auth-protocol set to “none”
  • snmp-v3-privacy-protocol set to “none”

AuthNoPriv

  • snmp-v3-username set to a valid user
  • snmp-v3-auth-protocol set to “md5” or “sha”
  • snmp-v3-passphrase set to the valid password for the user
  • snmp-v3-privacy-protocol set to “none”

AuthPriv

  • snmp-v3-username set to a valid user
  • snmp-v3-auth-protocol set to “md5” or “sha”
  • snmp-v3-passphrase set to the valid password for the user
  • snmp-v3-privacy-protocol set to “des” or “aes”
  • snmp-v3-privacy-passphrase set to the valid key (often hexadecimal)

The Rumble Scanner also supports SNMPv3 authentication using similar command-line options:

    --snmp-v3-auth-passphrase string      The authentication passphrase
    --snmp-v3-auth-protocol string        The authentication protocol (none, md5, sha) (default "none")
    --snmp-v3-privacy-passphrase string   The privacy passphrase
    --snmp-v3-privacy-protocol string     The privacy protocol (none, des, aes) (default "none")
    --snmp-v3-username string             The username to use for SNMP v3 authentication

These options require version 1.1.7 or newer of the Rumble Agent or Rumble Scanner.

This release also includes a number of small bug fixes for the SNMP probe and better support for CAM/MAC table enumeration of Cisco equipment.

Happy Scanning!

Similar Content

April 13, 2021

Collecting Device Serial Numbers and Asset Tags over SNMP

A few weeks ago, one of our customers asked us if we could pull serial numbers out of Cisco devices because this would be very useful for their MSSP business. We were able to update the scan engine quick and this feature is now included as of release 1.15.3. Pulling serial …

Read More

August 6, 2020

Recog Development with Rumble

Overview Recog may be one of the most underrated open source security projects of all time. Recog started off in the early 2000s as the fingerprinting backend for Rapid7’s Nexpose (aka InsightVM) vulnerability scanner. It was released as open source in 2014 and …

Read More

August 4, 2020

Rumble 1.10: Continuous Scans, Site Defaults, and More!

Overview Rumble 1.10 is live with continuous scanning, user interface updates, an event log, updates to the scan engine, additional fingerprints, and a new way to keep recurring scans in sync with their sites! Continuous Scanning All paid plans now support a new Continuous …

Read More