iquerySecName and V3 User

Hi all! I am using the disman module for linkUp/linkDown trap generation (net-snmp 5.9): notificationEvent linkUpTraplinkUp ifIndex ifAdminStatus ifOperStatus notificationEvent linkDownTrap linkDown ifIndex ifAdminStatus ifOperStatus monitor -r 5 -e linkUpTrap "Generate linkUp" if

SNMPd cores

Hi Team We are seeing below snmpd cores. Please provide your input of what can cause these and measures to mitigate. #0 0x000800d99f5c in md5_block_asm_data_order () from /lib/libcrypto.so.6 #1 0x0003 in ?? () #2 0x01c6c1c0 in ?? () #3 0x00071b07 in ?? () #4 0x00

CIS hardening?

Why does CIS hardening say to remove the net-snmp package from Linux? Mike ___ Net-snmp-users mailing list Net-snmp-users@lists.sourceforge.net Please see the following page to unsubscribe or change other options: https://lists.sourceforge.net/lists/li

Re: CIS hardening?

I'll take a shot at this. 1. For an authoritative reply however, one should probably direct CIS questions to CIS. 2. However, any reasonable security posture would have you disable all unused services.  This is simply SOP to reduce the attack surface. 3. As for net-snmp specifically, it's a

Re: CIS hardening?

To expand on #5, have a look at http://www.net-snmp.org/wiki/index.php/Strong_Authentication_or_Encryption . In a hardened system, I would disable MD5 and DES as they are no longer considered secure. David Sips On 4/

Re: CIS hardening?

And one more comment... SNMP is hated, by every internal security team I have ever encountered.  Security teams love private protocols, hate standard protocols... why because standard protocols are well documented.  So anytime an internal security team can eliminate something that is standard/o