Uninstall net-snmp Package

An XCCDF Rule

Description

The snmp package provides the snmpd service. The snmp package can be removed with the following command:

$ apt-get remove snmp

Rationale

If there is no need to run SNMP server software, removing the package provides a safeguard against its activation.

ID: xccdf_org.ssgproject.content_rule_package_net-snmp_removed
Severity: Unknown
References: 2.2.4

2.2.13
Updated: about 1 year ago

- name: Ensure snmp is removed
  package:
    name: snmp
    state: absent
  tags:
  - PCI-DSSv4-2.2.4  - disable_strategy
  - low_complexity
  - low_disruption
  - no_reboot_needed
  - package_net-snmp_removed
  - unknown_severity

include remove_snmp

class remove_snmp {
  package { 'snmp':
    ensure => 'purged',
  }}


# CAUTION: This remediation script will remove snmp
#	   from the system, and may remove any packages
#	   that depend on snmp. Execute this
#	   remediation AFTER testing on a non-production
#	   system!
DEBIAN_FRONTEND=noninteractive apt-get remove -y "snmp"

Uninstall net-snmp Package

Description

Rationale

Remediation - Ansible

Remediation - Puppet

Remediation - Shell Script