GEN005307 - SNMP must require the use of a FIPS 140-2 encryption algorithm for protecting the privacy of SNMP messages.

Information

The SNMP service must use AES or a FIPS 140-2 approved successor algorithm for protecting the privacy of communications.

Solution

Edit /etc/snmp/snmpd.conf and add the AES keyword for any create user statement without one.
Restart the SNMP service.
# service snmpd restart

See Also

http://iasecontent.disa.mil/stigs/zip/U_RedHat_5_V1R18_STIG.zip

Item Details

Audit Name: DISA STIG for Red Hat Enterprise Linux 5 v1r18 Audit

Category: ACCESS CONTROL

References: 800-53|AC-17(2), CAT|II, CCI|CCI-000068, Group-ID|V-22449, Rule-ID|SV-37695r1_rule, STIG-ID|GEN005307, Vuln-ID|V-22449

Plugin: Unix

Control ID: 5621f3f7dd82df9ab0b57f58cae4e1d1ee91f0b6dffd8ce57ac059213a3b5876