How to Use the Command 'braa' (with examples)
- Linux
- December 17, 2024
The braa tool is a powerful utility designed for ultra-fast SNMP scanning. This tool allows network administrators and security professionals to efficiently query multiple hosts simultaneously. The capability of executing concurrent SNMP queries makes braa a valuable asset for managing and auditing network devices at scale. Below, we illustrate various use cases of the braa command, providing practical examples, motivations, detailed explanations, and expected outputs for each scenario.
Use case 1: Walk the SNMP tree of a host with a public string querying all OIDs under .1.3.6
Code:
braa public@ip:.1.3.6.*
Motivation:
In large networks, gathering information about devices can be challenging. Walking the SNMP tree of a host allows network administrators to fetch a broad range of management data from a network device with minimum effort. By querying all OIDs (Object Identifiers) under the specified subtree, administrators can gain a comprehensive view of device states, which is invaluable for inventory purposes, troubleshooting, and ensuring consistent configurations across devices.
Explanation:
public: This is the default SNMP community string. It’s akin to a password that allows access to details on the targeted SNMP host. Most devices use this string for read-only purposes.ip: Substitute this with the actual IP address of the target SNMP-enabled device. It specifies the device from which data is to be retrieved.:.1.3.6.*: This specifies the starting point in the SNMP tree from where all subsequent OIDs will be queried. The.1.3.6subtree is part of the ISO branch of the OID tree, often covering a wide range of standard management data available on the device.
Example Output:
Fetching data from 192.168.1.1
.1.3.6.1.2.1.1.1.0 = Router Model XYZ, Version 10.3
.1.3.6.1.2.1.1.2.0 = 1.3.6.1.4.1.9.1.2381
.1.3.6.1.2.1.1.3.0 = 36000
...
Use case 2: Query the whole subnet ip_range for system.sysLocation.0
Code:
braa public@ip_range:.1.3.6.1.2.1.1.6.0
Motivation:
Locating devices on a network often requires identifying their physical or configured locations. By querying a whole subnet for the system.sysLocation.0 OID, network managers can quickly ascertain and update records about where devices are or should be deployed. This information is essential for operations such as maintenance scheduling, emergency troubleshooting, or verifying asset deployment.
Explanation:
public: This signifies the community string used to access SNMP read data.ip_range: Replace this with an IP range indicative of the subnet you wish to query. It could be an IP with CIDR notation or a direct list of IP addresses.:.1.3.6.1.2.1.1.6.0: This particular OID is for querying the system location set on SNMP-enabled devices. It’s part of the SNMP MIB-II standard, helping document where each system is physically situated.
Example Output:
Scanning subnet 192.168.0.0/24
192.168.0.2: Lobby Router
192.168.0.10: Datacenter Switch
192.168.0.20: Office Printer
...
Use case 3: Attempt to set the value of system.sysLocation.0 to a specific workgroup
Code:
braa private@ip:.1.3.6.1.2.1.1.6.0=s'workgroup'
Motivation:
Being able to set or update the SNMP configuration on devices remotely is a powerful capability for network administrators. This particular use case allows for changing the system.sysLocation.0 OID’s value, which documents where the device is located or whom it belongs to. This could be pivotal when reorganizing network infrastructure, changing device assignments, or embedding updated metadata due to corporate restructuring.
Explanation:
private: This indicates a community string with write privileges. Unlikepublic, this string allows modifications. Network administrators should ensure secure handling of such credentials.ip: The IP address of the target network device is specified here.:.1.3.6.1.2.1.1.6.0: This is the OID related to the device’s system location.=s'workgroup': The=sdenotes a string assignment. Here, you’re setting the location to ‘workgroup’, which might represent a division, department, or any other pertinent label for organizational management.
Example Output:
Attempting to set location on 192.168.1.5
Success: 192.168.1.5 system.sysLocation.0 updated to workgroup
Conclusion:
The braa tool offers considerable flexibility and power in managing SNMP-enabled devices across networks. From querying large subnets to updating device information, the use cases demonstrated above highlight how effectively braa streamlines otherwise labor-intensive tasks. Whether for network administration, system auditing, or ensuring compliance with IT policies, braa stands out as an essential tool in a network engineer’s toolkit.
