NET0892 - SNMP is blocked at all external interfaces - 'deny tcp 161'

Information

The administrator must ensure SNMP is blocked at all external interfaces.

SNMP information can be used to trace the network and reveal its topology, which could enable malicious users to gain access to network devices.

NOTE: Change 'AG_INGRESS_ACL_1' to the IP standard access list number used by your organization.

Solution

The administrator will change the router configuration to block SNMP traffic at the perimeter.
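An added example, not part of the STIG or of the audit plugin: a Python check that reads a Cisco IOS configuration and reports whether the ACL from the NOTE explicitly denies port 161 before any permit can match it. It goes beyond the title's 'deny tcp 161' by taking a `proto` argument so UDP can be checked too; the function names and the sample configuration are constructed for illustration.

```python
NAMES = {"snmp": 161, "snmptrap": 162}                    # IOS keywords for UDP ports
OPS = {"eq": 1, "neq": 1, "gt": 1, "lt": 1, "range": 2}   # operator -> operand count

def acl_entries(config, acl):
    """Return the permit/deny entries of a named or numbered ACL, in order."""
    entries, in_block = [], False
    for raw in config.splitlines():
        tok = raw.split()
        if tok[:4] == ["ip", "access-list", "extended", acl]:
            in_block = True
        elif tok[:2] == ["access-list", acl]:             # numbered form, one entry per line
            entries.append(tok[2:])
        elif in_block and raw.startswith(" "):
            if tok and tok[0] in ("permit", "deny"):
                entries.append(tok)
        else:
            in_block = False
    return entries

def parse(tok):
    """Return (action, any_to_any, hits_161); hits_161 is None if not understood."""
    i = 3 if tok[2] == "any" else 4                       # past the source address
    if i < len(tok) and tok[i] in OPS:                    # skip a source-port test
        i += 1 + OPS[tok[i]]
    dst_any = i < len(tok) and tok[i] == "any"
    i += 1 if dst_any else 2                              # past the destination address
    any_any = tok[2] == "any" and dst_any
    if i >= len(tok) or tok[i] not in OPS:
        return tok[0], any_any, True                      # no port test: all ports match
    nums = [NAMES.get(t, int(t) if t.isdigit() else None) for t in tok[i + 1:i + 1 + OPS[tok[i]]]]
    ok = tok[i] in ("eq", "range") and nums and None not in nums
    return tok[0], any_any, (nums[0] <= 161 <= nums[-1]) if ok else None

def snmp_blocked(config, acl, proto="tcp"):
    """True only if an explicit any-to-any deny on port 161 precedes every permit that could match."""
    for tok in acl_entries(config, acl):
        if len(tok) >= 4 and tok[1] in (proto, "ip"):
            action, any_any, hits = parse(tok)
            if action == "deny" and any_any and hits:
                return True
            if action == "permit" and hits is not False:
                return False                  # first match wins: SNMP may be permitted
    return False                              # no explicit deny (implicit deny is not credited)

GOOD = """ip access-list extended AG_INGRESS_ACL_1
 deny tcp any any eq 161
 deny udp any any eq snmp
 permit tcp any host 192.0.2.10 eq 443"""
SHADOWED = GOOD.replace(" deny tcp", " permit tcp any 192.0.2.0 0.0.0.255 range 1 1023\n deny tcp", 1)  # constructed samples
```

The check is deliberately conservative: a permit whose port test it cannot interpret is treated as possibly matching port 161, so the result errs toward reporting a finding.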

See Also

https://iasecontent.disa.mil/stigs/zip/U_Network_Perimeter_Router_L3_Switch_V8R32_STIG.zip

Item Details

Category: SYSTEM AND COMMUNICATIONS PROTECTION

References: 800-53|SC-7, CAT|II, Rule-ID|SV-3022r2_rule, STIG-ID|NET0892, Vuln-ID|V-3022

Plugin: Cisco

Control ID: 5f147a201edcdc48bc67eaeb34adfaff0195f1e9db4d34228d52ee60bfff9e9d