lopes / netbox-scanner

A scanner util for NetBox
MIT License
159 stars 40 forks

SSH/snmp functionality #9

Closed RokasBudrys closed 4 years ago

RokasBudrys commented 4 years ago

Hello,

currently I'm trying to figure out if Netbox Scanner is able to log in to devices (Linux or Windows VM, Cisco and other network devices) and retrieve the FQDN. (Maybe Scanner is able to perform this by querying DNS?)

For instance, I'm sure that the FQDN could also be inserted into the Netbox DB after the scan. Although I haven't found any detailed explanation of whether anything needs to be done from my side in the config file. (I can see that additional hosts have been found, but they are marked as unknown host and have no DNS name.) Only the TACACS config, which implies that netbox scanner should be able to log in to devices?

Looking into the code, I found that the TACACS config is used in:

import re
from cpe import CPE
from paramiko import SSHClient, AutoAddPolicy, AuthenticationException, SSHException
from paramiko.ssh_exception import NoValidConnectionsError

def get_description(self, address, name, cpe):
    '''Define a description based on hostname and CPE'''
    if name:
        # nmap already resolved a name (normally from a PTR record): use it as-is
        return name
    else:
        c = CPE(cpe[0], CPE.VERSION_2_3)
        vendor = c.get_vendor()[0]
        if self.tacacs and vendor == 'cisco':
            try:
                client = SSHClient()
                # AutoAddPolicy accepts whatever host key the remote end presents,
                # so the TACACS+ credentials go to anything answering on the address
                client.set_missing_host_key_policy(AutoAddPolicy())
                client.connect(address, username=self.tacacs['user'],
                    password=self.tacacs['password'])
                stdin, stdout, stderr = client.exec_command(self.tacacs['command'])
                # if the regex does not match, re.search() returns None and
                # .group() raises AttributeError, which the except clause below
                # does not catch
                return '{}:{}'.format(vendor.lower(),
                    re.search(self.tacacs['regex'],
                    str(stdout.read().decode('utf-8'))).group(self.tacacs['regroup']))
            except (AuthenticationException, SSHException,
                NoValidConnectionsError, TimeoutError,
                ConnectionResetError):
                pass
        # fallback: vendor.product.version taken from the CPE string
        return '{}.{}.{}'.format(c.get_vendor()[0], c.get_product()[0],
            c.get_version()[0])

So it seems that only Cisco devices are supported right now? correct me if I'm wrong.

To sum up:

  1. Is Netbox Scanner capable of adding FQDN info into the Netbox DB?
  2. Is Netbox Scanner capable of logging into devices? Currently Cisco?
  3. Is Netbox Scanner capable of using SSH and a command list for specific devices to retrieve and store info in the Netbox DB?
  4. SNMP queries?

lopes commented 4 years ago
  1. If your DNS has PTR records for discovered devices, these records will be used as descriptions. Nmap handles it.

  2. Yes. Actually, this script does it using Paramiko which uses SSH. After connecting, the command show run | inc hostname is run.

  3. Just insert the IP addresses of your Cisco devices and your TACACS+ credentials in the config file.

  4. No. At this moment, I think it's best to connect a monitoring system (which uses SNMP) and NetBox using API than to implement SNMP queries in netbox-scanner.

RokasBudrys commented 4 years ago

I'm just wondering if anything needs to be additionally configured. 192.168.22.120 has a PTR record, although the scanner creates it as an unknown host:

[root@netbox netbox-scanner]# cat netbox-scanner-20191021T162710Z.log
2019-10-21 16:27:10,523 netbox-scanner INFO started: 1 networks
2019-10-21 16:27:44,796 netbox-scanner INFO scanned: 192.168.22.0/24 (2 hosts discovered)
2019-10-21 16:27:44,863 netbox-scanner INFO created: 192.168.22.120/32 "unknown host"
2019-10-21 16:27:45,359 netbox-scanner INFO finished: +1 ~0 -0 ?0 !0

192.168.22.120
Name:    printsrv02.output omitted
Address: 192.168.22.120

[root@netbox netbox-scanner]# cat /root/.netbox-scanner.conf

[GENERAL]
tag = auto
unknown = unknown host
log = .
nmap_args = -T4 -O -F --host-timeout 30s

[NETBOX]
address = output omitted
token = output omitted
tls_verify = True

[TACACS]
user =
password =
command =
regex = hostname ([A-Z|a-z|0-9|-|_]+)
regroup = 1

[SCAN]
networks = 10.1.2.3/24,10.2.3.4/24
networks = 192.168.22.0/24

lopes commented 4 years ago

As I mentioned before, netbox-scanner uses nmap findings. If nmap doesn't recognize the host (usually by PTR record), netbox-scanner tries to connect to it (Cisco) via TACACS+. If it's not possible, and nmap found no further information, the host is set to unknown.

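The description precedence lopes describes in his two replies (nmap PTR name, then a hostname pulled from a Cisco device over SSH, then the CPE triple), worked through as an added example that is not netbox-scanner's own code. It reuses the `regex` and `regroup` values from the config file quoted in the thread and the `show run | inc hostname` command from lopes's answer; the corrected regex, the `known_hosts` path, the sample device output and every function name are assumptions made for the example. Two practitioner caveats are built in: the SSH step pins host keys with `RejectPolicy` instead of `AutoAddPolicy`, and the parser returns `None` on a non-matching regex instead of raising. It also shows that the configured regex, as written, never matches a hyphen (the `|-|` sequence inside the character class is parsed as a range from `|` to `|`), so a hostname such as `core-sw01` is captured as `core`.

```python
import re
from typing import Callable, Optional

# Regex and capture group copied from the [TACACS] section of the config
# file quoted above.
CONFIG_REGEX = r"hostname ([A-Z|a-z|0-9|-|_]+)"
# Assumed corrected regex: same characters, with '-' placed where the
# character class treats it literally.  In CONFIG_REGEX the '|-|' sequence
# is parsed as a range from '|' to '|', so hyphens are NOT matched and
# "core-sw01" is captured as "core".
FIXED_REGEX = r"hostname ([A-Za-z0-9_-]+)"
REGROUP = 1

# Constructed sample output of `show run | inc hostname` on a Cisco IOS
# device; not captured from a real system.
SAMPLE_SHOW_RUN = "hostname core-sw01\r\n"


def parse_hostname(output: str, regex: str = FIXED_REGEX,
                   regroup: int = REGROUP) -> Optional[str]:
    """Return the captured hostname, or None when the regex does not match.

    The snippet quoted in the issue calls .group() directly on the result of
    re.search(); when the device output has no "hostname " line that result
    is None, the call raises AttributeError, and the except clause there does
    not catch it.  Returning None lets the caller fall back cleanly.
    """
    match = re.search(regex, output)
    return match.group(regroup) if match else None


def ssh_show_hostname(address: str, user: str, password: str,
                      known_hosts: str,
                      command: str = "show run | inc hostname") -> str:
    """Run `command` on the device over SSH and return its stdout as text.

    Hardened variant of the quoted code: instead of AutoAddPolicy (which
    trusts whatever key the remote end presents, so any host answering on the
    scanned address can collect the TACACS+ password) the client loads a
    pinned known_hosts file and rejects unknown or changed keys.
    Assumed: paramiko is installed and `known_hosts` already holds the key of
    every device the scanner should log in to.
    """
    import paramiko  # imported here so the offline helpers work without it

    client = paramiko.SSHClient()
    client.load_host_keys(known_hosts)
    client.set_missing_host_key_policy(paramiko.RejectPolicy())
    try:
        client.connect(address, username=user, password=password,
                       timeout=10, allow_agent=False, look_for_keys=False)
        _stdin, stdout, _stderr = client.exec_command(command)
        return stdout.read().decode("utf-8", errors="replace")
    except paramiko.SSHException as exc:
        # Covers AuthenticationException and BadHostKeyException; surface
        # them as a connection failure so callers need a single except clause.
        raise ConnectionError("SSH to {} failed: {}".format(address, exc)) from exc
    finally:
        client.close()


def describe(address: str, name: Optional[str], vendor: str, product: str,
             version: str, fetch: Callable[[str], str]) -> str:
    """Apply the precedence lopes describes: nmap's PTR name first, then a
    hostname fetched from a Cisco device, then vendor.product.version.

    `fetch` is the SSH step (e.g. functools.partial(ssh_show_hostname, ...));
    injecting it keeps this function testable without a network.
    """
    if name:
        return name
    if vendor == "cisco":
        try:
            hostname = parse_hostname(fetch(address))
        except OSError:  # ConnectionError, ConnectionResetError, TimeoutError
            hostname = None
        if hostname:
            return "{}:{}".format(vendor, hostname)
    return "{}.{}.{}".format(vendor, product, version)


if __name__ == "__main__":
    # Offline demonstration using the constructed sample instead of a device.
    print(parse_hostname(SAMPLE_SHOW_RUN, CONFIG_REGEX))  # core
    print(parse_hostname(SAMPLE_SHOW_RUN))                # core-sw01
    print(describe("10.0.0.1", None, "cisco", "ios", "15.2",
                   lambda _: SAMPLE_SHOW_RUN))            # cisco:core-sw01
```

To use the real SSH step, pass `functools.partial(ssh_show_hostname, user=..., password=..., known_hosts="/root/.ssh/known_hosts")` as `fetch`; populate that file with `ssh-keyscan` output that has been verified out of band, since `RejectPolicy` only helps when the pinned keys are the genuine ones.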
lopes commented 4 years ago

Will try to create a modular environment for v2, then it'll be easier to insert new data sources.