nanog mailing list archives
Re: it's here
From: Ron da Silva <ron () aol net>
Date: Wed, 13 Feb 2002 10:29:41 -0500
On Tue, Feb 12, 2002 at 07:32:07PM +0000, Eric Brandwine wrote:
"sd" == Sean Donelan <sean () donelan com> writes:sd> On Tue, 12 Feb 2002, Alex Rubenstein wrote:http://www.cert.org/advisories/CA-2002-03.htmlsd> ASN.1 is pretty cool, but I've been wondering are there that sd> many ISPs which allow external SNMP access to their equipment? sd> SNMP is a UDP management protocol, and even under the best of sd> conditions, accepting packets from out of the blue isn't a good sd> idea. Spoofed packets? It's not feasible to filter antispoof at OC-12 or OC-48 line rate on all customer facing interfaces.
But it should be not only feasible, but standard practice. -ron
Current thread:
- it's here Alex Rubenstein (Feb 12)
- Re: it's here Sean Donelan (Feb 12)
- Re: it's here Valdis . Kletnieks (Feb 12)
- Re: it's here Eric Brandwine (Feb 12)
- Re: it's here Sean Donelan (Feb 12)
- Re: it's here Jon O . (Feb 12)
- Re: it's here Ron da Silva (Feb 13)
- Re: it's here Eric Brandwine (Feb 13)
- Re: it's here jerry scharf (Feb 13)
- Re: it's here jlewis (Feb 13)
- Re: it's here William Allen Simpson (Feb 13)
- Re: it's here Jared Mauch (Feb 13)
- Re: it's here Sean Donelan (Feb 12)
- Re: it's here Jesper Skriver (Feb 13)
- Re: it's here Eric Brandwine (Feb 13)
- Re: it's here kevin graham (Feb 13)
- Re: it's here Jesper Skriver (Feb 13)
- Re: it's here Jake Khuon (Feb 13)