[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

RE: COPS vs. SNMP

To: "Durham, David" <david.durham@intel.com>, "'Tricha Anjali'" <tricha@ece.gatech.edu>, rap@ops.ietf.org
Subject: RE: COPS vs. SNMP
From: "Wijnen, Bert (Bert)" <bwijnen@lucent.com>
Date: Mon, 25 Feb 2002 19:49:06 +0100
Cc: "Ian F. Akyildiz" <ian@ece.gatech.edu>

David, I am not sure what you are trying to tell people?

The SNMP CERT advisories have NOT talked about a flaw
in the SNMP Protocol at all. They have talked about implementation
bugs. Further, it seems that most implementation bugs have been
in the area of not properly decoding BER encoded SNMP packets.

Since the COPS-PR with PIB approach also uses BER encoding for
sending the configuration/policy information, I would suspect
that COPS-PR implementations have the same potential risks!!!

Bert 

> -----Original Message-----
> From: Durham, David [mailto:david.durham@intel.com]
> Sent: Monday, February 25, 2002 7:32 PM
> To: 'Tricha Anjali'; rap@ops.ietf.org
> Cc: Ian F. Akyildiz
> Subject: RE: COPS vs. SNMP
> 
> 
> I'm interested in what the industry adoption of SNMPConf is/will be.
> Particularly given that CERT is already advising that 
> administrators TURN
> SNMP OFF! Eg. SNMP is currently undergoing a maelstrom of 
> CERT advisories
> and other bad press due to its
> troubling susceptibilities. Now just imagine allowing people 
> to actually
> download viruses and worms via SNMPConf PM MIB's Scripts.
> -Dave
> 
> http://www.internetwk.com/story/INW20020213S0002
> 
> > -----Original Message-----
> > From: Tricha Anjali [mailto:tricha@ece.gatech.edu]
> > Sent: Monday, February 25, 2002 9:38 AM
> > To: rap@ops.ietf.org
> > Cc: Ian F. Akyildiz
> > Subject: COPS vs. SNMP
> > 
> > 
> > 
> > Hello,
> > 
> > We have been following the IETF activities concerning the 
> > ongoing work in
> > the fields of SNMP and COPS. It seems that at the meeting in 
> > March 2000 in
> > Adelaide, the snmpconf working group was formed for issues 
> > dealing with
> > policy-based network management after the BOF about network 
> > management in
> > Dec 1999. However, now the group seems to have accomplished 
> > its charter
> > and finished. Does this mean that the discussion has been resolved?
> > 
> > We would like to know if the resource reservation in a 
> > network can/should
> > be achieved via COPS? If yes, how is it advantageous over SNMP?
> > 
> > Any help will be appreciated!
> > 
> > Thanks in advance,
> > 
> > Tricha
> > 
> > -------------------------------
> > Tricha Anjali
> > Broadband & Wireless Networking Lab
> > School of Electrical and Computer Engineering
> > Georgia Institute of Technology
> > http://users.ece.gatech.edu/~tricha/
> > 
> > 
> > 
> > 
>

Prev by Date: RE: COPS vs. SNMP
Next by Date: RE: COPS vs. SNMP
Previous by thread: Re: COPS vs. SNMP
Next by thread: RE: COPS vs. SNMP
Index(es):
- Date
- Thread