Check or Attack Name: SNMPRMONGetEventCommunityStrings

The RFC-1271 standard RMON MIB defines the eventCommunity object to be a holder for a community string. Community strings can be used as authentication keys, and therefore should be protected.

The standard exists and has not been modified to prevent the event community strings from being exposed.

The trap event community string should be different from other community strings used by the management station. See the configuration section of the management station that is deployed at the customer's site.

Set the community string to a value that is hard to guess. Use uppercase, lowercase, and numeric characters.

Request for Comment document RFC 1271, Remote Network Monitoring Management Information Base, ftp://ftp.isi.edu/in-notes/rfc1271.txt