Submit a ticketCall us

Looking to compare latest NPM features with previous versions of NPM?
The NPM new feature summary offers a comparison of new features and improvements offered with this release.

 

Home > Success Center > Network Performance Monitor (NPM) > AMQP Cleartext Authentication

AMQP Cleartext Authentication

Table of contents
Created by Allain M Umalin, last modified by John Wallace on Mar 08, 2017

Views: 486 Votes: 1 Revisions: 11

Overview

 

Nessus Security Vulnerability scanner reports the following vulnerability in the SolarWinds server.

 

AMQP Cleartext Authentication (87733)


The remote host is running a service that allows Cleartext authentication.

 

Description:
The remote Advanced Message Queuing Protocol (AMQP) service supports one or more authentication mechanisms that allow credentials to be sent in the clear.

Environment

CORE 2016.1, CORE 2016.2

Detail

 

Solarwinds Development Team advises that solarwinds software using the RabbitMQ feature, does not send authentication in Cleartext so this really should not be a concern and is more of a false positive.

 

If you do need to resolve such issue, It is likely that additional polling engines are being used, there are a couple of steps you should perform.

 

Please first upgrade environment to CORE 2016.2 platform (NPM 12.0.1, SAM 6.3, NCM 7.5.1 etc)

 

You should now be able to disable port 5672 on primary polling engine, which previously in CORE 2016.1 was being used.

 

You can additionally, if you have no firewall, also make a change inside the RabbitMQ config file.

 

- How to disable Cleartext authentication mechanisms in the AMQP configuration.

 

To close the Clear text authentication mechanism add the line to the RabbitMQ config file.

The file is named rabbitmq.config and is located at C:\ProgramData\Solarwinds\Orion\RabbitMQ.

Add the line {tcp_listeners, []} next to {ssl_listeners, [5671]} and restart the RabbitMQ service using the Orion Service Manager.

Make sure you include the comma(,) at the end of the line otherwise the service will not start.

See example below. Run the netstat command to make sure port 5672 is closed.

 

 

 

Example:

 

 

 

Last modified
14:56, 8 Mar 2017

Tags

Classifications

Public