STIGQter STIGQter: STIG Summary: Oracle Linux 5 Security Technical Implementation Guide Version: 1 Release: 13 Benchmark Date: 26 Oct 2018: The SNMP service must use only SNMPv3 or its successors.

DISA Rule

SV-63397r1_rule

Vulnerability Number

V-22447

Group Title

GEN005305

Rule Version

GEN005305

Severity

CAT II

CCI(s)

Weight

10

Fix Recommendation

Edit /etc/snmpd.conf and remove references to the "v1", "v2c", "community", or "com2sec".

Restart the SNMP service.
# service snmpd restart

Check Contents

Check the SNMP daemon is not configured to use the v1 or v2c security models.

Procedure:
Examine the default install location /etc/snmpd.conf
or:
# find / -name snmpd.conf

# grep -E '(v1|v2c|community|com2sec)' <snmp.conf file> | grep -v '^#'
If any configuration is found, this is a finding.

Vulnerability Number

V-22447

Documentable

False

Rule Version

GEN005305

Severity Override Guidance

Check the SNMP daemon is not configured to use the v1 or v2c security models.

Procedure:
Examine the default install location /etc/snmpd.conf
or:
# find / -name snmpd.conf

# grep -E '(v1|v2c|community|com2sec)' <snmp.conf file> | grep -v '^#'
If any configuration is found, this is a finding.

Check Content Reference

M

Responsibility

System Administrator

Target Key

2207

Comments