dedri
asked on
Vmware management asssistant disable snmp access
Our vulnerability system(QUALYS) reported the following for VMA 4.1U1 that we are having:
EOL/Obsolete Software SNMP Version Detected (4) ,
If I understand properly there is snmp clinet which is running on the linux system and it accept communications through old snmp protocol.
Could you help me how to fix the issue.
EOL/Obsolete Software SNMP Version Detected (4) ,
THREAT:
Simple Network Management Protocol (SNMP) is an "Interrnet-standard protocol for managing devices on IP networks."
The authentication of clients of earlier versions of SNMP is performed only by a "community string", in effect a type of password, which is
transmitted in cleartext.
All Servers Vulnerabilities by level page 29
The Internet Engineering Task Force (IETF) has designated SNMPv3 a full Internet standard, the highest maturity level for an RFC. It
considers earlier versions to be obsolete designating them ("Historic"). (http://www.ietf.org/rfc/rfc3410.txt)
IMPACT:
The system is at high risk of being exposed to security vulnerabilities. Since the vendor no longer provides updates, obsolete software is
more vulnerable to viruses and other attacks.
SOLUTION:
Disable or remove SNMPv1/2c authentication. Use SNMP version 3 authentication
If I understand properly there is snmp clinet which is running on the linux system and it accept communications through old snmp protocol.
Could you help me how to fix the issue.
ASKER
any idea how to fix the problem?
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
https://my.vmware.com/web/vmware/details?downloadGroup=VSP510-VMA-510&productId=285
Do not be surprised if you also get alarms with 5.1.