| 
		
	
	
	
		
	Posts: 139 
	Threads: 10 
	Joined: Sep 2011
	
 Reputation: 
5 
	
	
		Hi, snmp scan is enabled on my isp, I can scan with mib browser and mib walk. I also see in the list oids with certs, seems encrypted. Neither FastCert or the snmpcertthread (none version) doesn't find any certs. Snmpcertthread one version does find some modems in  factory mode, but find no certs. How can I manually try to download certs, since snmp scanning is not blocked, I know all the info about modem but don't know how to dw certs. Thanks
	 
	
	
	
		
	Posts: 139 
	Threads: 10 
	Joined: Sep 2011
	
 Reputation: 
5 
	
		
		
		03-11-2011, 02:42 PM 
(This post was last modified: 03-11-2011, 09:00 PM by torro32.)
	
	 
		could you please help me with oids, I know what is for docsBpi2CmPublicKey, while  docsBpi2CmDeviceCmCert should be for BPI+ CM Certificate, docsBpi2CmDeviceManufCert is BPI+ CA Certificate, is that right ?
 
 I can't find nowhere what are the oids for the BPI Private Key and for BPI+ Root Public Key
 
 Network is docsis 3.0.  Oid for docsBpi2CmPublicKey is 1.3.6.1.2.1.10.127.6.1.1.1.1.2.2	. What is then oid for Private key and for BPI+ Root Public Key ?
 
	
	
	
		
	Posts: 10 
	Threads: 2 
	Joined: Jun 2010
	
 Reputation: 
0 
	
	
		 (03-11-2011, 02:42 PM)torro32 Wrote:  could you please help me with oids, I know what is for docsBpi2CmPublicKey, while  docsBpi2CmDeviceCmCert should be for BPI+ CM Certificate, docsBpi2CmDeviceManufCert is BPI+ CA Certificate, is that right ?
 
 I can't find nowhere what are the oids for the BPI Private Key and for BPI+ Root Public Key
 
 Network is docsis 3.0.  Oid for docsBpi2CmPublicKey is 1.3.6.1.2.1.10.127.6.1.1.1.1.2.2	. What is then oid for Private key and for BPI+ Root Public Key ?
 
From your config file, what are your public keys? Also, what is the name of your config file? If your config file is dynamic then, you can forget trying to OID into another modem.
	 
	
	
	
		
	Posts: 16 
	Threads: 3 
	Joined: Nov 2011
	
 Reputation: 
0 
	
		
		
		05-11-2011, 05:52 PM 
(This post was last modified: 05-11-2011, 05:52 PM by badinstincts.)
	
	 
		my config is dynamic, and i can read oids from other modems no problem. the problem is the modems that are not in factory mode, i cant get their private key and root key (dont really need the root key, but the private key is definitely needed). unless there is an oid that is unlisted in the mibs, or if i can get that modem into factory mode then i can read the factory mib...
	 
	
	
	
		
	Posts: 139 
	Threads: 10 
	Joined: Sep 2011
	
 Reputation: 
5 
	
	
		my configs are not dynamic. There are some modems on the network that are in the factory mode. I know their IP's. Private and Root oids are not listed when snmpwalk. I am interested for 5101 keys. For example oid for public key is 1.3.6.1.2.1.10.127.6.1.1.1.1.2.2   How to find what is oid for root and private key ?
	 
	
	
	
		
	Posts: 10 
	Threads: 2 
	Joined: Jun 2010
	
 Reputation: 
0 
	
	
		I don't think OID requests work on areas with dynamic configs since the SNMP Community String will be different on each CM unless you know the CMs community string. To find it, just look in the config file. If you are in an area that does not have dynamic configs and OID requests still work, consider yourself very lucky. It is only a matter of time.
 see below.......
 
 18d. Factory mode OID list for Motorola cable modems
 AKA FACTORY MIB’s for Factory mode
 This list is generic among Motorola cable modems
 SB3100, SB4100, SB4101, SB4200, SB4220, SB5100, SB5101, SBG900 and probably more, HOWEVER some OID's will not exist on some modems, E.g. (cmFactoryBCMGroup oid's)
 To execute code, only exist in SB5100, SB5101 and SBG900)
 cmPrivateArpFilterGroup
 1.3.6.1.4.1.1166.1.19.2
 1.3.6.1.4.1.1166.1.19.2.1.0 cmArpFilterEnabled
 1.3.6.1.4.1.1166.1.19.2.2.0 cmArpFilterInterval
 1.3.6.1.4.1.1166.1.19.2.3.0 cmArpFilterLimit
 1.3.6.1.4.1.1166.1.19.2.4.0 cmArpFilterInArps
 1.3.6.1.4.1.1166.1.19.2.5.0 cmArpFilterOutArps
 1.3.6.1.4.1.1166.1.19.2.6.0 cmArpFilterInArpsThisFilter
 cmConfigPrivateBaseGroup
 1.3.6.1.4.1.1166.1.19.3
 cmConfigFreqObjectsGroup
 1.3.6.1.4.1.1166.1.19.3.1
 1.3.6.1.4.1.1166.1.19.3.1.1.0 cmConfigFreq1
 1.3.6.1.4.1.1166.1.19.3.1.2.0 cmConfigFreq2
 1.3.6.1.4.1.1166.1.19.3.1.3.0 cmConfigFreq3
 1.3.6.1.4.1.1166.1.19.3.1.8.0 cmFreqPlanType
 1.3.6.1.4.1.1166.1.19.3.1.11.0 cmUpstreamChannelId1
 1.3.6.1.4.1.1166.1.19.3.1.12.0 cmCarrierFrequencyOffset
 1.3.6.1.4.1.1166.1.19.3.1.14.0 cmSnmpHFCPort
 1.3.6.1.4.1.1166.1.19.3.1.15.0 cmSnmpHFCTrapPort
 1.3.6.1.4.1.1166.1.19.3.1.17.0 cmSnmpDisplayHtml
 1.3.6.1.4.1.1166.1.19.3.1.18.0 cmResetToDefaults
 1.3.6.1.4.1.1166.1.19.3.1.19.0 cmStandbyMode
 1.3.6.1.4.1.1166.1.19.3.1.20.0 cmHybridMode
 1.3.6.1.4.1.1166.1.19.3.1.21.0 cmUpstreamChannelId3
 1.3.6.1.4.1.1166.1.19.3.1.22.0 cmUpstreamPower1
 1.3.6.1.4.1.1166.1.19.3.1.23.0 cmUpstreamPower2
 1.3.6.1.4.1.1166.1.19.3.1.24.0 cmUpstreamPower3
 1.3.6.1.4.1.1166.1.19.3.1.25.0 cmDocsis20Capable
 1.3.6.1.4.1.1166.1.19.3.1.26.0 cmUpstreamChannelId2
 cmPrivateFactoryGroup
 1.3.6.1.4.1.1166.1.19.4
 1.3.6.1.4.1.1166.1.19.4.1.0 cmFactoryVersion
 1.3.6.1.4.1.1166.1.19.4.2.0 cmFactoryDbgBootEnable
 1.3.6.1.4.1.1166.1.19.4.3.0 cmFactoryEnetMacAddr
 1.3.6.1.4.1.1166.1.19.4.4.0 cmFactoryHfcMacAddr
 1.3.6.1.4.1.1166.1.19.4.6.0 cmFactorySerialNumber
 1.3.6.1.4.1.1166.1.19.4.9.0 cmFactoryClearFreq1
 1.3.6.1.4.1.1166.1.19.4.10.0 cmFactoryClearFreq2
 1.3.6.1.4.1.1166.1.19.4.11.0 cmFactoryClearFreq3
 1.3.6.1.4.1.1166.1.19.4.12.0 cmFactorySetReset
 1.3.6.1.4.1.1166.1.19.4.13.0 cmFactoryClrConfigAndLog
 1.3.6.1.4.1.1166.1.19.4.14.0 cmFactoryPingIpAddr
 1.3.6.1.4.1.1166.1.19.4.15.0 cmFactoryPingNumPkts
 1.3.6.1.4.1.1166.1.19.4.16.0 cmFactoryPingNow
 1.3.6.1.4.1.1166.1.19.4.17.0 cmFactoryPingCount
 1.3.6.1.4.1.1166.1.19.4.28.0 cmFactoryCliFlag
 1.3.6.1.4.1.1166.1.19.4.29.0 cmFactoryDisableMib
 1.3.6.1.4.1.1166.1.19.4.30.0 cmFactoryUpstreamPowerCalibration1
 1.3.6.1.4.1.1166.1.19.4.50.0 cmFactoryBigRSAPublicKey
 1.3.6.1.4.1.1166.1.19.4.51.0 cmFactoryBigRSAPrivateKey
 1.3.6.1.4.1.1166.1.19.4.52.0 cmFactoryCMCertificate
 1.3.6.1.4.1.1166.1.19.4.53.0 cmFactoryManCertificate
 1.3.6.1.4.1.1166.1.19.4.54.0 cmFactoryRootPublicKey
 1.3.6.1.4.1.1166.1.19.4.55.0 cmFactoryCodeSigningTime
 1.3.6.1.4.1.1166.1.19.4.56.0 cmFactoryCVCValidityStartTime
 1.3.6.1.4.1.1166.1.19.4.58.0 cmFactoryCMManufacturerName
 1.3.6.1.4.1.1166.1.19.4.59.0 cmFactoryHtmlReadOnly
 1.3.6.1.4.1.1166.1.19.4.60.0 cmFactoryCmUsbMacAddr
 1.3.6.1.4.1.1166.1.19.4.61.0 cmFactoryCpeUsbMacAddr
 1.3.6.1.4.1.1166.1.19.4.62.0 cmFactoryCmAuxMacAddr
 1.3.6.1.4.1.1166.1.19.4.63.0 cmFactoryTunerId
 1.3.6.1.4.1.1166.1.19.4.64.0 cmFactoryHwRevision
 1.3.6.1.4.1.1166.1.19.4.65.0 cmFactoryUsAmpId
 1.3.6.1.4.1.1166.1.19.4.66.0 cmFactory80211RegDomain
 1.3.6.1.4.1.1166.1.19.4.67.0 cmFactoryResidentialGatewayEnable
 1.3.6.1.4.1.1166.1.19.4.70.0 cmFactoryFWFeatureID
 1.3.6.1.4.1.1166.1.19.4.90.0 cmFactorySwServer
 1.3.6.1.4.1.1166.1.19.4.91.0 cmFactorySwFilename
 1.3.6.1.4.1.1166.1.19.4.92.0 cmFactorySwDownloadNow
 1.3.6.1.4.1.1166.1.19.4.93.0 cmFactoryGwAppPublicKey
 1.3.6.1.4.1.1166.1.19.4.94.0 cmFactoryGwAppPrivateKey
 1.3.6.1.4.1.1166.1.19.4.95.0 cmFactoryGwAppRootPublicKey
 1.3.6.1.4.1.1166.1.19.4.31 cmFactoryDownstreamCalibrationGroup
 
	
	
	
		
	Posts: 139 
	Threads: 10 
	Joined: Sep 2011
	
 Reputation: 
5 
	
		
		
		06-11-2011, 01:43 AM 
(This post was last modified: 06-11-2011, 01:46 AM by torro32.)
	
	 
		i am not getting any response from those certs oids. My public key  is docsBpi2CmPublicKey 1.3.6.1.2.1.10.127.6.1.1.1.1.2.2 , CM is docsBpi2CmDeviceCmCert 1.3.6.1.2.1.10.127.6.1.1.4.1.1.1.2 and CA is docsBpi2CmDeviceManufCert 1.3.6.1.2.1.10.127.6.1.1.4.1.1.2.2	Everything according to a cisco SNMP object navigator http://tools.cisco.com/Support/SNMP/do/B...mPublicKey 
oids for private and root key are not listed when snmpwalk. OID request does work.
	 
	
	
	
		
	Posts: 16 
	Threads: 3 
	Joined: Nov 2011
	
 Reputation: 
0 
	
	
		hmmm, i'm starting to think your right about the specific community strings to each modem. but which one is it in the config. i tried the 3 at the top of the config but i still cannot snmp into my own modem... help me please
	 
	
	
	
		
	Posts: 10 
	Threads: 2 
	Joined: Jun 2010
	
 Reputation: 
0 
	
	
		 (06-11-2011, 04:48 AM)badinstincts Wrote:  hmmm, i'm starting to think your right about the specific community strings to each modem. but which one is it in the config. i tried the 3 at the top of the config but i still cannot snmp into my own modem... help me please 
If you have 3 Community Strings, the third, more complicated looking, one is the one you need. It should be about 15 characters long. The CMTS uses that string to talk to your CM.
	 
	
	
	
		
	Posts: 16 
	Threads: 3 
	Joined: Nov 2011
	
 Reputation: 
0 
	
	
		 (06-11-2011, 07:12 PM)Bugman1400 Wrote:   (06-11-2011, 04:48 AM)badinstincts Wrote:  hmmm, i'm starting to think your right about the specific community strings to each modem. but which one is it in the config. i tried the 3 at the top of the config but i still cannot snmp into my own modem... help me please If you have 3 Community Strings, the third, more complicated looking, one is the one you need. It should be about 15 characters long. The CMTS uses that string to talk to your CM.
 
yea the first 2 are the usual ones i've been using for years. not really directly snmping myself, i just learned some net-snmp commands recently, but with programs that ask for the community string. but i cant snmp into my sb5101 at all with haxorware, i changed ports, tried with and without disable snmp agent, i did find the snmp folder in cd /n/s i tried the default command but nothing... still cant snmp into my modem after it registers...
	 |