GEN005307 - The SNMP service must require the use of a FIPS 140-2 approved encryption algorithm for protecting the privacy of SNMP messages.

Information

The SNMP service must use AES or a FIPS 140-2 approved successor algorithm for protecting the privacy of communications.

Solution

Edit /etc/snmp/snmpd.conf and add the AES keyword for any create user statement without one.

Restart the SNMP service.
# service snmpd restart

See Also

https://dl.dod.cyber.mil/wp-content/uploads/stigs/zip/U_Oracle_Linux_5_V1R14_STIG.zip

Item Details

Category: SYSTEM AND COMMUNICATIONS PROTECTION

References: 800-53|SC-13, CAT|II, CCI|CCI-000068, Rule-ID|SV-63415r1_rule, STIG-ID|GEN005307, Vuln-ID|V-22449

Plugin: Unix

Control ID: 2b8b83b373905d4dbcb6f7e2ac17a3b0c76994cf1a4605807bd4fa377d1c775c