Solved

Vmware management asssistant disable snmp access

Posted on 2013-06-10
3
1,158 Views
Last Modified: 2013-06-27
Our vulnerability system(QUALYS) reported the following for VMA 4.1U1 that we are having:  
EOL/Obsolete Software SNMP Version Detected (4) ,
THREAT:
Simple Network Management Protocol (SNMP) is an "Interrnet-standard protocol for managing devices on IP networks."
The authentication of clients of earlier versions of SNMP is performed only by a "community string", in effect a type of password, which is
transmitted in cleartext.
All Servers Vulnerabilities by level page 29
The Internet Engineering Task Force (IETF) has designated SNMPv3 a full Internet standard, the highest maturity level for an RFC. It
considers earlier versions to be obsolete designating them ("Historic"). (http://www.ietf.org/rfc/rfc3410.txt)
IMPACT:
The system is at high risk of being exposed to security vulnerabilities. Since the vendor no longer provides updates, obsolete software is
more vulnerable to viruses and other attacks.
SOLUTION:
Disable or remove SNMPv1/2c authentication. Use SNMP version 3 authentication

Open in new window


If I understand properly there is snmp clinet which is running on the linux system and it accept communications through old snmp protocol.

Could you help me how to fix the issue.
0
Comment
Question by:dedri
  • 2
3 Comments
 
LVL 120
ID: 39234815
Try replacing with vMA 5.1

https://my.vmware.com/web/vmware/details?downloadGroup=VSP510-VMA-510&productId=285

Do not be surprised if you also get alarms with 5.1.
0
 

Author Comment

by:dedri
ID: 39234843
any idea how to fix the problem?
0
 
LVL 120

Accepted Solution

by:
Andrew Hancock (VMware vExpert / EE MVE^2) earned 500 total points
ID: 39234909
Again, there may not be an issue, other than what is being observed by your over zealous scanner, other than upgrade to a later version of vMA 5.1, I do not believe updates are available for vMA.

What is the risk to your organization, that this get's red flagged?

It's highly likely that vMA 4.1 does not supported v3 of SNMP, are you using SNMP in the vMA 4.x appliance, if not disable it.

SNMP has been removed from vMA 5.x. It's no longer supported.
0

Featured Post

Free Tool: Postgres Monitoring System

A PHP and Perl based system to collect and display usage statistics from PostgreSQL databases.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

If we need to check who deleted a Virtual Machine from our vCenter. Looking this task in logs can be painful and spend lot of time, so the best way to check this is in the vCenter DB. Just connect to vCenter DB(default DB should be VCDB and using…
Veeam Backup & Replication has added a new integration – Veeam Backup for Microsoft Office 365.  In this blog, we will discuss how you can benefit from Office 365 email backup with the Veeam’s new product and try to shed some light on the needs and …
This video shows you how easy it is to boot from ISO images for virtual machines with the ISO images stored on a local datastore on the ESXi host.
How to Install VMware Tools in Red Hat Enterprise Linux 6.4 (RHEL 6.4) Step-by-Step Tutorial

733 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question