SNMP agent_steal Community String (deprecated)

high Nessus Network Monitor Plugin ID 1397

Synopsis

The remote host is configured with default or easily-guessed credentials.

Description

The remote host is running an SNMPv2 server that uses a well-known community string - agent_steal.

Solution

This signature was obtained through direct sniffing of the network, so if possible, migrating systems to SNMP v3 would be more secure. For non-local attacks though, your community string is easily guessed and should be changed to something more random.

Plugin Details

Severity: High

ID: 1397

Family: SNMP

Published: 8/20/2004

Updated: 1/15/2016