Want to win a PS4? Go Premium and enter to win our High-Tech Treats giveaway. Enter to Win

x
?
Solved

Vmware management asssistant disable snmp access

Posted on 2013-06-10
3
Medium Priority
?
1,232 Views
Last Modified: 2013-06-27
Our vulnerability system(QUALYS) reported the following for VMA 4.1U1 that we are having:  
EOL/Obsolete Software SNMP Version Detected (4) ,
THREAT:
Simple Network Management Protocol (SNMP) is an "Interrnet-standard protocol for managing devices on IP networks."
The authentication of clients of earlier versions of SNMP is performed only by a "community string", in effect a type of password, which is
transmitted in cleartext.
All Servers Vulnerabilities by level page 29
The Internet Engineering Task Force (IETF) has designated SNMPv3 a full Internet standard, the highest maturity level for an RFC. It
considers earlier versions to be obsolete designating them ("Historic"). (http://www.ietf.org/rfc/rfc3410.txt)
IMPACT:
The system is at high risk of being exposed to security vulnerabilities. Since the vendor no longer provides updates, obsolete software is
more vulnerable to viruses and other attacks.
SOLUTION:
Disable or remove SNMPv1/2c authentication. Use SNMP version 3 authentication

Open in new window


If I understand properly there is snmp clinet which is running on the linux system and it accept communications through old snmp protocol.

Could you help me how to fix the issue.
0
Comment
Question by:dedri
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
3 Comments
 
LVL 124
ID: 39234815
Try replacing with vMA 5.1

https://my.vmware.com/web/vmware/details?downloadGroup=VSP510-VMA-510&productId=285

Do not be surprised if you also get alarms with 5.1.
0
 

Author Comment

by:dedri
ID: 39234843
any idea how to fix the problem?
0
 
LVL 124

Accepted Solution

by:
Andrew Hancock (VMware vExpert / EE MVE^2) earned 2000 total points
ID: 39234909
Again, there may not be an issue, other than what is being observed by your over zealous scanner, other than upgrade to a later version of vMA 5.1, I do not believe updates are available for vMA.

What is the risk to your organization, that this get's red flagged?

It's highly likely that vMA 4.1 does not supported v3 of SNMP, are you using SNMP in the vMA 4.x appliance, if not disable it.

SNMP has been removed from vMA 5.x. It's no longer supported.
0

Featured Post

 [eBook] Windows Nano Server

Download this FREE eBook and learn all you need to get started with Windows Nano Server, including deployment options, remote management
and troubleshooting tips and tricks

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

In this article we will learn how to backup a VMware farm using Nakivo Backup & Replication. In this tutorial we will install the software on a Windows 2012 R2 Server.
August and September have been big months for VMware—from VMworld last month to our new Course of the Month in VMware Professional - Data Center Virtualization. We reached out to Andrew Hancock, resident VMware vExpert, to have a more in-depth discu…
This tutorial will walk an individual through the steps necessary to enable the VMware\Hyper-V licensed feature of Backup Exec 2012. In addition, how to add a VMware server and configure a backup job. The first step is to acquire the necessary licen…
Connecting to an Amazon Linux EC2 Instance from Windows Using PuTTY.

610 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question