B509: snmp_weak_cryptography¶

bandit.plugins.snmp_security_check.snmp_crypto_check(context)[source]

B509: Checking for weak cryptography

This test is for checking for the usage of insecure SNMP cryptography:: v3 using noAuthNoPriv.
Using the pysnmp documentation:: http://snmplabs.com/pysnmp/examples/hlapi/asyncore/sync/manager/cmdgen/snmp-versions.html

Please update your code to use more secure versions of SNMP. For example:

Instead of:: CommunityData(‘public’, mpModel=0)
Use (Defaults to usmHMACMD5AuthProtocol and usmDESPrivProtocol: UsmUserData(“securityName”, “authName”, “privName”)

New in version 1.7.2.

Read the Docs v: 1.7.2

Versions: latest; 1.7.5; 1.7.4; 1.7.3; 1.7.2; 1.7.1; 1.7.0; 1.6.3; 1.6.2; 1.6.1; 1.6.0; 1.5.1; 1.5.0; 1.4.0; 1.3.0; 1.2.0

Downloads: pdf; html; epub

On Read the Docs: Project Home; Builds

Free document hosting provided by Read the Docs.