STIGQter: STIG Summary: Solaris 10 SPARC Security Technical Implementation Guide Version: 2 Release: 2 Benchmark Date: 22 Jan 2021: STIGQter: STIG Summary: Solaris 10 SPARC Security Technical Implementation Guide Version: 2 Release: 2 Benchmark Date: 22 Jan 2021:SV-226969r603265_rule
V-226969
SRG-OS-000480
GEN005300
CAT I
10
Change the default passwords. To change them, locate the snmpd.conf file and edit it. Locate the line system-group-read-community which has a default password of public and make the password something more random (less guessable). Make the same changes for the lines that read system-group-write-community, read-community, write-community, trap, and trap-community. Read the information in the file carefully. The trap is defining who to send traps to, for instance, by default. It is not a password, but the name of a host.
Check the SNMP configuration for default passwords.
Locate and examine the SNMP configuration.
Procedure:
# more /etc/sma/snmp/snmpd.conf /var/sma_snmp/snmpd.conf /etc/snmp/conf/snmpd.conf /usr/sfw/lib/sma_snmp/snmpd.conf
Identify any community names or user password configuration. If any community name or password is set to a default value, such as public, private, snmp-trap, or password, this is a finding.
V-226969
False
GEN005300
Check the SNMP configuration for default passwords.
Locate and examine the SNMP configuration.
Procedure:
# more /etc/sma/snmp/snmpd.conf /var/sma_snmp/snmpd.conf /etc/snmp/conf/snmpd.conf /usr/sfw/lib/sma_snmp/snmpd.conf
Identify any community names or user password configuration. If any community name or password is set to a default value, such as public, private, snmp-trap, or password, this is a finding.
M
4060