[AGENT++] Security problem...

[Fedja Jeleskovic]

Our Agent++ was tested with the Nessus tool and reported possible security hole. Report was about the possibility to obtain the list of SMB users of the remote host via SNMP. Here is their solution:

An attacker may use this information to set up brute force attacks or find an unused account.

Solution : disable the SNMP service on the remote host if you do not use it, or filter incoming UDP packets going to this port Risk factor : Medium Nessus ID : 10546

Is this know issue or what I could use to avoid this?

The strange thing is that among several systems with the same agents only one or maybe two reported this security problem (medium risk factor as they called it). V1 and V2 is left with the "public" community string in there and after changing the string to something else, things got better. Still, is there any more info on this issue?




Thanks!!

Fedja