How to disable account public for SNMP?

Hello!

The situation is the following:
MaxPatrol, if anyone is familiar with this scanner of vulnerability, gave the following:
Vulnerable nodes
192.168.1.50
IP ad RES 192.168.1.50
The name of the ass ACI 192.168.1.50
161/UDP • SNMP
Versions of protocols: 1
Account
public
Information
Xerox DocuPrint N2825 Network Laser Printer - 2.12-02

There are other printers, but I would like to understand the problem on the example of this.
If you go to the web interface of the printer, there is only a brief word on SNMP, but no public and no accounts to configure, nothing is impossible, especially to remove.

However, if the computer has to go into the properties of the printer to configure the TCP/IP Port, there is a checkbox: SNMP Status is allowed, and below flaunts account public, it is there is why it is called "community Name".

In short, disable this setting of course, but it should be done on each computer and when you install new ones, go to settings and remove.

The question is, is there a way to remove this uchetku on the printer (searched - did not find) or the only option is to remove it on all computers, and most importantly how they would react to the MaxPatrol? The vulnerability description is not a word that this account is public available on it and won the comp, it turns out that most likely it scans the printer and then do not understand what to do?
July 8th 19 at 16:09
1 answer
July 8th 19 at 16:11
This is the SNMP community name.
Can disable SNMP on the printer Protocol, or rename the default community name to some else.
On the printer, specifically it, the SNMP Protocol is not disabled. Do I understand that then you need to disable this setting on each computer? - damian_Labadie commented on July 8th 19 at 16:14
: And the ip address 192.168.1.50 in this case, someone, computer, or printer? - tomasa_OConn commented on July 8th 19 at 16:17
: printer. - damian_Labadie commented on July 8th 19 at 16:20
: So how when you modify the settings of the computer will change the status of the SNMP service on the printer? This printer needs to be switched off. - tomasa_OConn commented on July 8th 19 at 16:23
In fact the trouble is that in the web interface of the printer is no way to disable, or configure SNMP. - damian_Labadie commented on July 8th 19 at 16:26
So maybe in the web interface of the printer there is a section with advanced settings, where it can be done.
Maybe the printer should be configured using some utilities which came with it included or is on the manufacturer's website... - Mikayla.Roh commented on July 8th 19 at 16:29
: More modern printers (HP 9050, WorkCentre 3615) you can disable SNMP, but it is not clear where accounts are Public and Private, a feeling that this is Windows recording. Some of the printers we use SNMP and disable it will not work. You need to understand how the scanner MaxPatrol pulls these accounts. - damian_Labadie commented on July 8th 19 at 16:32
It is not accounts. It is a community. All a bit different than you imagine. Well, try snmpwalk-Ohm test answer printer you do or not. - Mikayla.Roh commented on July 8th 19 at 16:35
And tried:

Hi Joachim!

Have you turned SNMP off on two places?
If not do as the following:
1. Navigate to Start -> Devices and Printers and select the correct printer, right click and
choose “Printer Preferences”.
2. Go to the “Configuration” tab and press the “Bi-Directional Setup” button.
3. Here you can turn “Bi-Directional Communication” off.
4. You may also need to Navigate to Printer Preferences -> Ports -> Configure Port
5. And turn the “SNMP Status Enabled” is off there as well.
This can be turned off if the driver gives a false “Printer Offline” message.

What about disabling the ports that SNMP use?
UDP PORT 161:
The SNMP agent receives requests through this port.
UDP PORT 162:
The SNMP agent receives notifications (Traps) through this port.

Also you can try changing Protocol to LPR or RAW, if that does not work the easiest way would probably be to do a clean driver install on the server with the preferred settings.

Best Regards
Kimzi - Mikayla.Roh commented on July 8th 19 at 16:38
I realized that it was some community, I do not understand where they are set? I have a network MFP, which finds two MaxPatrol community: public and private. Where they ask that? If you look on the computers where the MFP is connected as a printer, the settings of the TCP/IP port there you can uncheck "SNMP Status" are allowed, and there just appears the Name of the community: public. Where to find private community, is not clear. - damian_Labadie commented on July 8th 19 at 16:41
So it exists? Check with snmpwalk.

In the Vedas there is the interface of your printer button Bi-Directional Setup? - Mikayla.Roh commented on July 8th 19 at 16:44
: I have downloaded the utility from here https://www.snmpsoft.com/cmd-tools/snmp-walk/ and executed the command:
snmpwalk -c public -r:192.168.1.51
snmpwalk -c private-r:192.168.1.51

Both teams gave a bunch of OIDs, and in the end Fail to get value of SNMP variable. Variable does not exists (noSuchName(2))

I have the printer in the SNMP has the following configuration:
Get community name:
Enter the name of the community again:
Ask the name of the community:
Enter the name of the community again:
The community name of traps:
Enter a community name trap again:

These are the only settings that I can do. How are they related to user accounts, public and private?

Again, I have a mission: to prevent access to the accounts public and private, how to do it without disabling SNMP completely? - damian_Labadie commented on July 8th 19 at 16:47
So fill in these fields the community that you need instead of the standard and the whole business - Mikayla.Roh commented on July 8th 19 at 16:50
: Well, let's say with this printer to solve the problem. But unfortunately, there is a printer (which I wrote in the initial post), which does not have these options, it is even impossible to disable snmp in the web interface. - damian_Labadie commented on July 8th 19 at 16:53

Find more questions by tags PrintersSNMP