nanog mailing list archives

Re: it's here

From: Eric Brandwine <ericb () UU NET>
Date: 12 Feb 2002 19:32:07 +0000

"sd" == Sean Donelan <sean () donelan com> writes:


sd> On Tue, 12 Feb 2002, Alex Rubenstein wrote:

http://www.cert.org/advisories/CA-2002-03.html


sd> ASN.1 is pretty cool, but I've been wondering are there that
sd> many ISPs which allow external SNMP access to their equipment?
sd> SNMP is a UDP management protocol, and even under the best of
sd> conditions, accepting packets from out of the blue isn't a good
sd> idea.

Spoofed packets?

It's not feasible to filter antispoof at OC-12 or OC-48 line rate on
all customer facing interfaces.

ericb
-- 
Eric Brandwine     |  To assert that the earth revolves around the sun is as
UUNetwork Security |  erroneous as to claim that Jesus was not born of a
ericb () uu net       |  virgin.
+1 703 886 6038    |      - Cardinal Bellarmine (during the
Key fingerprint = 3A39 2C2F D5A0 FC7C  5F60 4118 A84A BD5D  59D7 4E3E

Current thread:

it's here Alex Rubenstein (Feb 12)
- Re: it's here Sean Donelan (Feb 12)
  - Re: it's here Valdis . Kletnieks (Feb 12)
  - Re: it's here Eric Brandwine (Feb 12)
    - Re: it's here Sean Donelan (Feb 12)
    - Re: it's here Jon O . (Feb 12)
    - Re: it's here Ron da Silva (Feb 13)
    - Re: it's here Eric Brandwine (Feb 13)
    - Re: it's here jerry scharf (Feb 13)
    - Re: it's here jlewis (Feb 13)
    - Re: it's here William Allen Simpson (Feb 13)
    - Re: it's here Jared Mauch (Feb 13)
    - Re: it's here Jesper Skriver (Feb 13)
    - Re: it's here Eric Brandwine (Feb 13)

(Thread continues...)