Detections
Analytics
SRG-OS-99999-ESXI5-000144 - The system must ensure proper SNMP configuration - 'community name private does not exist'
Information
If SNMP is not being used, it must remain disabled. If it is being used, the proper trap destination must be configured. If SNMP is not properly configured, monitoring information can be sent to a malicious host that can then use this information to plan an attack. SNMP must be configured on each ESXi host using Power/v CLI. vSphere PowerCLI is a command line tool used to automate vSphere management. PowerCLI is distributed as a Windows PowerShell snapin, and includes 300+ PowerShell cmdlets and use documentation.Solution
If SNMP is not being used, configure 'enabled' = 0. From the Power/v CLI, execute 'vicfg-snmp.pl --server <server_name> -D'.If SNMP is being used, ensure the community name is configured:
From the vSphere CLI, type 'vicfg-snmp.pl --server hostname --username <username> --password <password> -c <community_name>'.
To enable SNMP from the vSphere CLI, type.
# vicfg-snmp.pl --server <hostname> --username <username> --password <password> --enable
See Also
https://dl.dod.cyber.mil/wp-content/uploads/stigs/zip/U_VMW_ESXi5_Server_V2R1_STIG.zip
Item Details
Audit Name: DISA VMWare ESXi 5.0 Server STIG v2r1
Category: IDENTIFICATION AND AUTHENTICATION
References: 800-53|IA-5, CAT|II, CCI|CCI-000366, Group-ID|V-39417, Rule-ID|SV-250661r798982_rule, STIG-ID|SRG-OS-99999-ESXI5-000144, STIG-Legacy|SV-51275, STIG-Legacy|V-39417, Vuln-ID|V-250661
Plugin: VMware
Control ID: 989bedb98a95f68746b0bd981609765f1e3169ec62cbf0cb68dc5b177aeeaad9