SNMP community strings on the Red Hat Enterprise Linux operating system must be changed from the default.
Overview
| Finding ID | Version | Rule ID | IA Controls | Severity |
|---|---|---|---|---|
| V-204627 | RHEL-07-040800 | SV-204627r603261_rule | High |
| Description |
|---|
| Whether active or not, default Simple Network Management Protocol (SNMP) community strings must be changed to maintain security. If the service is running with the default authenticators, anyone can gather data about the system and the network and use the information to potentially compromise the integrity of the system or network(s). It is highly recommended that SNMP version 3 user authentication and message encryption be used in place of the version 2 community strings. |
| STIG | Date |
|---|---|
| Red Hat Enterprise Linux 7 Security Technical Implementation Guide | 2022-12-06 |
Details
| Check Text ( C-4751r89073_chk ) |
|---|
| Verify that a system using SNMP is not using default community strings. Check to see if the "/etc/snmp/snmpd.conf" file exists with the following command: # ls -al /etc/snmp/snmpd.conf -rw------- 1 root root 52640 Mar 12 11:08 snmpd.conf If the file does not exist, this is Not Applicable. If the file does exist, check for the default community strings with the following commands: # grep public /etc/snmp/snmpd.conf # grep private /etc/snmp/snmpd.conf If either of these commands returns any output, this is a finding. |
| Fix Text (F-4751r89074_fix) |
|---|
| If the "/etc/snmp/snmpd.conf" file exists, modify any lines that contain a community string value of "public" or "private" to another string value. |