On Monday, 10 February, 2020 14:10, Tom Hill <t...@ninjabadger.net> wrote:
>On 10/02/2020 21:01, Keith Medcalf wrote: >> How about you just say in English what it is you want to say instead >> of wasting everyone's time? > "Click the fucking link and find out" ? > (Protip: never ask a Brit to be explicit.) >> Page does not exist, and I do not do tinyurl or bitly or any of that >> sort of obfuscation crap. > If you've decided to obfuscate HTTP 302 responses from your life, I'm > not sure I can really help you navigate Cisco's security tools anyway. Seems pretty straightforward to me. You posted a link. It was broken. Case closed. > Suffice it to say, there are a heap of critical and/or high-level > security vulnerabilities listed for the Cisco IOS version referenced by > the OP (12.2(31)SGA1). Eschewing those recommendations in favour of > dick-waving over high uptimes is an industry practice that we should > really have killed-off by now. Just because *you* or some other person thinks there are *critical* security vulnerabilities does not mean that those vulnerabilities are exploitable in any particular instance of the installation of that hardware or software. Just because "A" is a vulnerability does not mean that one needs to "fix or upgrade" anything if "A" is already mitigated. -- The fact that there's a Highway to Hell but only a Stairway to Heaven says a lot about anticipated traffic volume. _______________________________________________ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/