ubuntu1604:2:2:14

2.2.14 Ensure SNMP Server is not enabled (Scored)

Profile Applicability

Level 1 - Server
Level 1 - Workstation

Description

The Simple Network Management Protocol (SNMP) server is used to listen for SNMP commands from an SNMP management system, execute the commands or collect the information and then send results back to the requesting system.

Rationale

The SNMP server communicates using SNMP v1, which transmits data in the clear and does not require authentication to execute commands. Unless absolutely necessary, it is recommended that the SNMP service not be used.

Audit

Run the following commands to verify snmpd is not enabled: 

# systemctl is-enabled snmpd
disabled

Verify result is not “enabled”.

Remediation

Run the following command to disable snmpd: 

# systemctl disable snmpd
  • ubuntu1604/2/2/14.txt
  • Last modified: 2017/05/02 11:53
  • by Piotr Kłoczewski