SNMP contents.gifindex.gif

SNMP

An intruder can use SNMP (Simple Network Management Protocol) to gain valuable information about the machine (such as information on network devices, current open connections, etc.) when SNMP uses default words, such as public or private, for the community word. If no community is specified, then the SNMP server responds to queries from any host. See RFC 1157 for additional information.

Risk: Low

OS Vulnerable: Any

Fix: Review and/or reconfigure the SNMP database to restrict the dissemination of information to anonymous users.