SNMP Default community strings
------------------------------

CVE Number: 
CAN-1999-0517, CAN-1999-0516
CAN-1999-0254, CAN-1999-0186

Details:
A commonly used community string is protecting the SNMP service on this
host. An SNMP community string acts like a simple password and is passed
as plaintext to the SNMP service to authenticate information requests and
authorise modifications. The SNMP service can be used to query sensitive
information about a system and may also be used to perform modifications.

Fix:
Disable or restrict the accessibility of the SNMP service.
If SNMP is essential, remove write access whenever possible.
Change community strings to be non-obvious.

Related URLs:
http://www.sans.org/topten.htm#10

$Id: snmp,v 1.1 2000/11/06 15:34:27 loveless Exp $
