Update manifest's remediation suggestions to match with the docs'

PR #1
guardicode · Aug 2, 2024 · 8f34888 · 8f34888
1 parent d4a7db4
commit 8f34888
Show file tree

Hide file tree

Showing 2 changed files with 12 additions and 8 deletions.
diff --git a/CHANGELOG.md b/CHANGELOG.md
@@ -7,9 +7,6 @@ Changelog](https://keepachangelog.com/en/1.0.0/), and this project adheres to
 the [PEP 440 version scheme](https://peps.python.org/pep-0440/#version-scheme).
 
 
-## [Unreleased]
-### Added
+## [3.1.0] - 2024-08-02
 ### Changed
-### Fixed
-### Removed
-### Security
+- Remediation suggestions in the manifest file. #1
diff --git a/manifest.yaml b/manifest.yaml
@@ -6,17 +6,24 @@ supported_operating_systems:
 target_operating_systems:
   - linux
 title: SNMP Exploiter
-version: 3.0.0
+version: 3.1.0
 description: Attempts remote command execution over SNMP using known credentials.
 safe: true
 remediation_suggestion: >-
-    Configure SNMP to use read-only communities.
+    Use SNMPv3 with the authPriv security level, if possible.
+
+    Treat community strings as passwords.
+
+    Enable the read-only build option (NETSNMP_NO_WRITE_SUPPORT).
+
+    Configure SNMP to use read-only community strings.
 
     Apply security updates to your Net-SNMP installation.
 
     Limit access over SNMP to trusted hosts.
 
-    Use SNMPv3 with the authPriv security level if possible.
+    Note that even with only read access, an SNMP server can still expose crucial
+    information about the network.
 
 
     The machine is vulnerable to an attack on Net-SNMP via