Submit a ticketCall us

Get a crash course on Network Monitoring delivered right to your inbox
This free 7-day email course provides a primer to the philosophy, theory, and fundamental concepts involved in IT monitoring. Lessons will explain not only how to perform various monitoring tasks, but why and when you should use them. Sign up now.

Home > Success Center > Network Performance Monitor (NPM) > AMQP Cleartext Authentication

AMQP Cleartext Authentication

Table of contents
Created by Allain M Umalin, last modified by John Wallace on Mar 08, 2017

Views: 900 Votes: 1 Revisions: 11



Nessus Security Vulnerability scanner reports the following vulnerability in the SolarWinds server.


AMQP Cleartext Authentication (87733)

The remote host is running a service that allows Cleartext authentication.


The remote Advanced Message Queuing Protocol (AMQP) service supports one or more authentication mechanisms that allow credentials to be sent in the clear.


CORE 2016.1, CORE 2016.2



Solarwinds Development Team advises that solarwinds software using the RabbitMQ feature, does not send authentication in Cleartext so this really should not be a concern and is more of a false positive.


If you do need to resolve such issue, It is likely that additional polling engines are being used, there are a couple of steps you should perform.


Please first upgrade environment to CORE 2016.2 platform (NPM 12.0.1, SAM 6.3, NCM 7.5.1 etc)


You should now be able to disable port 5672 on primary polling engine, which previously in CORE 2016.1 was being used.


You can additionally, if you have no firewall, also make a change inside the RabbitMQ config file.


- How to disable Cleartext authentication mechanisms in the AMQP configuration.


To close the Clear text authentication mechanism add the line to the RabbitMQ config file.

The file is named rabbitmq.config and is located at C:\ProgramData\Solarwinds\Orion\RabbitMQ.

Add the line {tcp_listeners, []} next to {ssl_listeners, [5671]} and restart the RabbitMQ service using the Orion Service Manager.

Make sure you include the comma(,) at the end of the line otherwise the service will not start.

See example below. Run the netstat command to make sure port 5672 is closed.








Last modified
14:56, 8 Mar 2017