http://www.securityfocus.com is
one of the best security-related sites on the Net. In addition to
being home to some of the top security-related mailing lists, this
site also has a superb free tools library. Many
tripwire-like tools can be found in the
"auditing, file integrity" portion of this library.
MacPerl: Power and Ease, by Vicki Brown and
Chris Nandor (Prime Time Freeware, 1998). This book plus the
perlport manual page were the major sources
for the stat() information table in the first
section of this chapter.
RFC1321: The MD5 Message-Digest Algorithm, R.
Rivest, 1992.
http://www.tripwire.com/tripwire
used to be the canonical free tool for filesystem change detection.
It has since been commercialized, but the older free versions are
still available.
There are approximately 60 active RFCs with SNMP in their titles (and
about 100 total which mention SNMP). Here are just the RFCs we
reference in this chapter or in Appendix E, "The Twenty-Minute SNMP Tutorial".
RFC1157: A Simple Network Management Protocol
(SNMP), J. Case, M. Fedor, M. Schoffstall, and J. Davin,
1990.
RFC1213: Management Information Base for Network Management
of TCP/IP-based internets: MIB-II, K. McCloghrie and M.
Rose, 1991.
RFC1493: Definitions of Managed Objects for
Bridges, E. Decker, P. Langille, A. Rijsinghani, and K.
McCloghrie, 1993.
RFC1573: Evolution of the Interfaces Group of
MIB-II, K. McCloghrie and F. Kastenholz, 1994.
RFC1905: Protocol Operations for Version 2 of the Simple
Network Management Protocol (SNMPv2), J. Case, K.
McCloghrie, M. Rose, and S. Waldbusser, 1996.
RFC1907: Management Information Base for Version 2 of the
Simple Network Management Protocol (SNMPv2), J. Case, K.
McCloghrie, M. Rose, and S. Waldbusser, 1996.
RFC2011: SNMPv2 Management Information Base for the
Internet Protocol using SMIv2, K. McCloghrie, 1996.
RFC2012: SNMPv2 Management Information Base for the
Transmission Control Protocol using SMIv2, K. McCloghrie,
1996.
RFC2013: SNMPv2 Management Information Base for the User
Datagram Protocol using SMIv2, K. McCloghrie, 1996.
RFC2274: User-based Security Model (USM) for version 3 of
the Simple Network Management Protocol (SNMPv3), U.
Blumenthal and B. Wijnen, 1998.
RFC2275: View-based Access Control Model (VACM) for the
Simple Network Management Protocol (SNMP), B. Wijnen, R.
Presuhn, and K. McCloghrie, 1998.
RFC2578: Structure of Management Information Version 2
(SMIv2), K. McCloghrie, D. Perkins, and J. Schoenwaelder,
1999.
http://ucd-snmp.ucdavis.edu is
the home of the UCD-SNMP project.
http://www.cisco.com/public/sw-center/netmgmt/cmtk/mibs.shtml is the location of Cisco's MIB files. Other
vendors have similar sites.
http://www.snmpinfo.com is the
home of the company SNMPinfo and David Perkins (an SNMP guru who
actively posts to comp.protocols.snmp, and one
of the authors of Understanding SNMP MIBs).
http://www.ibr.cs.tu-bs.de/ietf/snmpv3/ is an
excellent resource on Version 3 of SNMP.
http://www.mrtg.org and http://www.munitions.com/~jra/cricket/ are the homes of
Multi Router Traffic Grapher (MRTG) and its descendant Cricket
(written in Perl!), two good examples of how SNMP can be used to do
long-term monitoring of devices.
Understanding SNMP MIBs, by David Perkins and
Evan McGinnis (Prentice-Hall, 1996).
http://www.snmp.org is the home
of the company SNMP Research. The "SNMP Framework"
section of their site has some good references, including the
comp.protocols.snmp FAQ.
Advanced Perl Programming, by Sriram
Srinivasan (O'Reilly, 1997) has a good section on the creation
of Perl modules.
http://www.bb4.com
and http://www.kernel.org/software/mon/ are the
homes of BigBrother and Mon, two good examples of packages that
provide a general framework for monitoring real-time events (as
opposed to the historical monitoring frameworks provided by MRTG and
Cricket).
http://www.tcpdump.org is the
home of libpcap and tcpdump.
RFC793: Transmission Control Protocol, J.
Postel, 1981.