Method used to shield the vulnerability that a message "Password of the SNMP service can be written" is displayed in the storage system when the NSFOCUS scanning tool is used

You can shield the vulnerability that a message "Password of the SNMP service can be written" is displayed in the storage system when the NSFOCUS scanning tool is used as follows:
The message is displayed because the storage system uses the default read/write communities when enabling the SNMP service.
The SNMP read/write communities, similar to passwords, can be used to read device information on the server that only provides read communities. For servers that provide write communities, the SNMP read/write communities can not only read device information but also write information to devices.
The SNMP read communities of a storage system is storage_public by default and the write communities is storage_private by default. If the default communities are used when the SNMP is enabled, all software can access and manage the storage system without authentication and there are security risks. Therefore, you are advised to modify the default communities after the SNMP service is enabled, to improve system security.
You can shield the vulnerability that "Password of the SNMP service can be written" as follows:
1. Log in to the storage system by using the CLI as a super administrator.
2. Run the chgcommunityname command to change the SNMP write and read communities.
Note:
Some earlier versions of storage system models cannot support the community command. If the system shows that the community command does not exist when you run this command, upgrade the storage system.
You can run the chgcommunityname command as follows:
Format: chgcommunityname -r readCommunity -w writeCommunity
Guidance: After the command is entered, a message is displayed indicating that the SNMP service is to be restarted. Enter y to confirm the restart. The new communities take effect after the SNMP service is restarted.
3. Run the showcommunityname command to check the modified result.
4. Restart the NSFOCUS scanning tool to scan for vulnerabilities.

Scroll to top