SNMP configured with community public for Check Point

Vendor

Check Point

Description

Indeni will alert if any of SNMP communities is set to "public".

Remediation Steps

If SNMPv2 has to be used, use a random community that is hard to guess. If possible switch to SNMPv3 instead, which uses username and password instead of a single community string.

How does this work?

Parse the /etc/snmp/snmpd.conf file and retreive the currently configuration for SNMP.

Why is this important?

Parse the /etc/snmp/snmpd.conf file and retreive the currently configuration for SNMP.

Without Indeni how would you find this?

An administrator could log in and manually run the command.


View Source Code