Title

If SNMP is not required on AIX, the snmpd service must be disabled. (Cat II impact)

Discussion

The snmpd daemon is used by many 3rd party applications to monitor the health of the system. This allows remote monitoring of network and server configuration. To prevent remote attacks this daemon should not be enabled unless there is no alternative.

Check Content

Verify there is no "snmpd" service running on the AIX by doing the following: From the command prompt, execute the following command: # grep "^start[[:blank:]]/usr/sbin/snmpd" /etc/rc.tcpip If there is any output from the command, this is a finding.

Fix Text

In "/etc/rc.tcpip", comment out the "snmpd" entry by running command: # chrctcp -d snmpd

Additional Identifiers

Rule ID: SV-215354r508663_rule

Vulnerability ID: V-215354

Group Title: SRG-OS-000095-GPOS-00049

Expert Comments

CCIs tied to check.

Controls tied to check. These are derived from the CCIs shown above.