Control Compliance Suite

I would like to know if there is a built-in check or if anyone has found a way to check if default community strings(public/private) are specified in the accepted community names on Windows servers. 

Try here? HKLM\SYSTEM\CurrentControlSet\Services\SNMP\Parameters\TrapConfiguration I don't have a current use case, so I can't see this in action. If you get it going, please do come back here and share what you've learned. This would be a useful check to have validated...

Thanks for pointing me in the right direction, although I'm not quite sure if this would be the correct query: Is a Value? = 'false' Where Key/Value Name = 'HKLM\SYSTEM\CurrentControlSet\Services\SNMP\Parameters\ValidCommunities\public' with Missing Data Outcome being 'Manual Review' and Multiple Data Operator being 'AND' public as a value = check failed public not a value = check passed?

Not sure what it looks like when public is there/missing, so I can't help ya out. If yer a windows guru, maybe "toggle" it in a lab environ to see what the registry behavior is?

Ok here are the results: Windows Server using public as an accepted community name = Check status "Failed" (what we want) Windows Server without public configured as an accepted community name = Check status "Unknown" Changing the "Is a Value? = 'true'" will provide a check passed status for a good known string. If we wanted public as a configured accepted community name it will provide a Check status of "Passed". Quick and dirty solution for SNMPv1 in Windows. Thanks!

Awesome - going in the toolbox :) Thanks for posting the results! Helps us old-timers...