If snmpd is required within the environment, implement IP access restrictions on the available community strings. Rationale: If SNMP is required, IP access restrictions should be put into place to limit which hosts or networks subnets are able to remotely poll the server.
Solution
Identify if there are any currently configured community strings: grep '^community[[:blank:]]' /etc/snmpd.conf If there are active community strings, edit the configuration file: vi /etc/snmpd.conf Implement IP access restrictions to ALL of the available community names e.g.: community tivoli 192.132.10.0 255.255.255.0 readOnly The format of each line should reflect: community <community name> <IP addresses> <netmask> [ <permissions> <view>] Default Value: N/A Additional Information: Reversion: Copy back the original /etc/snmpd.conf file: cp -p /etc/snmpd.conf.pre_cis /etc/snmpd.conf