Submit a ticketCall us

Solarwinds & Cisco Live! Barcelona
Join us from the 29th of January to the 2nd of February at Cisco Live 2018 in Barcelona, where we will continue to show how monitoring the network with SolarWinds will keep you ahead of the game. At our booth (WEP 1A), we will demonstrate how SolarWinds network solutions can help. As a bonus, we are also hosting a pre-event webinar - Blame the Network, Hybrid IT Edition with our SolarWinds Head Geek™, Patrick Hubbard on January 24th - GMT (UTC+0): 10:00 a.m. to 11:00 a.m. There's still time to RSVP.

Home > Success Center > Network Performance Monitor (NPM) > AMQP Cleartext Authentication

AMQP Cleartext Authentication

Table of contents
Created by Allain M Umalin, last modified by John Wallace on Mar 08, 2017

Views: 4,403 Votes: 1 Revisions: 11

Overview

 

Nessus Security Vulnerability scanner reports the following vulnerability in the SolarWinds server.

 

AMQP Cleartext Authentication (87733)


The remote host is running a service that allows Cleartext authentication.

 

Description:
The remote Advanced Message Queuing Protocol (AMQP) service supports one or more authentication mechanisms that allow credentials to be sent in the clear.

Environment

CORE 2016.1, CORE 2016.2

Detail

 

Solarwinds Development Team advises that solarwinds software using the RabbitMQ feature, does not send authentication in Cleartext so this really should not be a concern and is more of a false positive.

 

If you do need to resolve such issue, It is likely that additional polling engines are being used, there are a couple of steps you should perform.

 

Please first upgrade environment to CORE 2016.2 platform (NPM 12.0.1, SAM 6.3, NCM 7.5.1 etc)

 

You should now be able to disable port 5672 on primary polling engine, which previously in CORE 2016.1 was being used.

 

You can additionally, if you have no firewall, also make a change inside the RabbitMQ config file.

 

- How to disable Cleartext authentication mechanisms in the AMQP configuration.

 

To close the Clear text authentication mechanism add the line to the RabbitMQ config file.

The file is named rabbitmq.config and is located at C:\ProgramData\Solarwinds\Orion\RabbitMQ.

Add the line {tcp_listeners, []} next to {ssl_listeners, [5671]} and restart the RabbitMQ service using the Orion Service Manager.

Make sure you include the comma(,) at the end of the line otherwise the service will not start.

See example below. Run the netstat command to make sure port 5672 is closed.

 

 

 

Example:

 

 

 

Last modified

Tags

Classifications

Public