I'll take a shot at this. 1. For an authoritative reply however, one should probably direct CIS questions to CIS. 2. However, any reasonable security posture would have you disable all unused services. This is simply SOP to reduce the attack surface. 3. As for net-snmp specifically, it's always a good idea to check the Certs. But depending on the document you are referencing, that is likely just the SNMP package installed on your system by default. 4. And finally, SNMP v1 and v2c are insecure and can potentially (depending on configuration) expose sensitive internal information to unknown, unauthorized, and unauthenticated actors. 5. If you must use SNMP on a hardened system, use (configure) SNMP v3.
On 19-Apr-2021 3:47 PM, Mike Eggleston wrote:
Why does CIS hardening say to remove the net-snmp package from Linux? Mike _______________________________________________ Net-snmp-users mailing list Net-snmp-users@lists.sourceforge.net Please see the following page to unsubscribe or change other options: https://lists.sourceforge.net/lists/listinfo/net-snmp-users
_______________________________________________ Net-snmp-users mailing list Net-snmp-users@lists.sourceforge.net Please see the following page to unsubscribe or change other options: https://lists.sourceforge.net/lists/listinfo/net-snmp-users
