2.2.14 Ensure SNMP Server is not enabled (Scored)
Profile Applicability
Level 1 - Server Level 1 - Workstation
Description
The Simple Network Management Protocol (SNMP) server is used to listen for SNMP commands from an SNMP management system, execute the commands or collect the information and then send results back to the requesting system.
Rationale
The SNMP server communicates using SNMP v1, which transmits data in the clear and does not require authentication to execute commands. Unless absolutely necessary, it is recommended that the SNMP service not be used.
Audit
Run the following commands to verify snmpd
is not enabled:
# systemctl is-enabled snmpd disabled
Verify result is not “enabled”.
Remediation
Run the following command to disable snmpd
:
# systemctl disable snmpd