SNMP configured with community public for Cisco

Vendor

Cisco

Description

Indeni will alert if any of SNMP communities is set to "public".

Remediation Steps

If SNMPv2 has to be used, use a random community that is hard to guess. If possible switch to SNMPv3 instead, which uses username and password instead of a single community string.

How does this work?

This script logs in to the Cisco Nexus switch using SSH and retrieves the current state of the SNMP protocol by using the "show snmp" command.

Why is this important?

This script logs in to the Cisco Nexus switch using SSH and retrieves the current state of the SNMP protocol by using the "show snmp" command.

Without Indeni how would you find this?

The administrator would have to manually log in to the device and check the SNMP communities configuration.


View Source Code