> -----Original Message-----
> From: Durham, David [mailto:david.durham@intel.com]
>
> > bw> The SNMP CERT advisories have NOT talked about a flaw
> > bw> in the SNMP Protocol at all. They have talked about
> implementation
> > dd> Perhaps,
> >
> > It's not a question of "perhaps". It's absolutely certain.
> > Please read the advisory.
>
> [DaveD] The advisory is not clear in this regard, I read it.
What is not clear about this text from the advisory?
"Numerous vulnerabilities have been reported in multiple vendors' SNMP implementations."
[Oulu] "has reported numerous vulnerabilities in SNMPv1 implementations."
> Also, the press
> reports clearly specify that there are Vulnerabilities in the SNMP
> Protocol. It was not clear if this was based ONLY on the cited CERT
> advisory.
So we look to the press to provide us protocol designers with solid technical information now? Oh my!
I hope COPS wasn't designed by the journalists.... ;-)
As far as the recommendation to disable SNMP, the advisory reads:
"As a general rule, the CERT/CC recommends disabling any service or capability that is not explicitly required, including SNMP." So, using your logic, if I have devices that don't need COPS/PR, then COPS/PR must not be suitable for provisioning?
Get a clue. Understand what the CERT advisory is about before you try to use it to justify COPS/PR.
I expected better from you.
dbh
David Harrington
Network Management Architect
Office of the CTO
Enterasys Networks