GEN005307 - SNMP must require the use of a FIPS 140-2 encryption algorithm for protecting the privacy of SNMP messages.

Information

The SNMP service must use AES or a FIPS 140-2 approved successor algorithm for protecting the privacy of communications.

Solution

Edit /etc/snmp/snmpd.conf and add the AES keyword for any create user statement without one.
Restart the SNMP service.
# service snmpd restart

See Also

http://iasecontent.disa.mil/stigs/zip/U_RedHat_5_V1R17_STIG.zip

Item Details

Category: SYSTEM AND COMMUNICATIONS PROTECTION

References: 800-53|SC-13, CAT|II, CCI|CCI-000068, Group-ID|V-22449, Rule-ID|SV-37695r1_rule, STIG-ID|GEN005307

Plugin: Unix

Control ID: 97b2efab293c9e95af9662d34a9efb3f4fedc3d372f8ba7815e2f7e42b094e59