Detections
Analytics
GEN005305 - The SNMP service must use only SNMPv3 or its successors.
Information
SNMP Versions 1 and 2 are not considered secure. Without the strong authentication and privacy provided by the SNMP Version 3 User-based Security Model (USM), an attacker or other unauthorized users may gain access to detailed system management information and use the information to launch attacks against the system.Solution
Edit /etc/snmpd.conf and remove references to the 'v1', 'v2c', 'community', or 'com2sec'.Restart the SNMP service.
# service snmpd restart
See Also
http://iasecontent.disa.mil/stigs/zip/U_RedHat_5_V1R18_STIG.zip
Item Details
Category: ACCESS CONTROL
References: 800-53|AC-17(8), CAT|II, CCI|CCI-001435, Group-ID|V-22447, Rule-ID|SV-37692r1_rule, STIG-ID|GEN005305, Vuln-ID|V-22447
Plugin: Unix
Control ID: fd98bb611c343ea5220ef4f3a6975c1ee3b7da1101135932bdf5bec9810379a1