> > ----- Original Message ----- > From: "Shay Hugi" <[EMAIL PROTECTED]> > To: "Ben Nagy" <[EMAIL PROTECTED]> > Sent: Wednesday, June 05, 2002 7:57 PM > Subject: Re: a web management system for the NetGAP firewall > appliance(off-topic) > > > > > > thread? > > um... > > "Um, did you _read_ the thread?" > > > > Hello? i created this thread... Take a good look. (the DDM is just an > > example for a GOOD snmp management system via web environment) > > Yeah.. I would manage a firewall under SNMP, if i define a specific > internal > > IP to be the ONLY NMS. > > > > and if you think it's not secured let me give you the URL for the > management > > server (i'll map a new nat entry, so the management system will be > available > > for you, from my local lan). that already HAVE the ability to manage the > > firewall. > > > > let me know if you want the URL. > > tell me what flaws you've managed to find. (if You'll find the > > password) > > > > -Shay Hugi > > -Mpthrill.com > > > > > > ----- Original Message ----- > > From: "Ben Nagy" <[EMAIL PROTECTED]> > > To: "'Shay Hugi'" <[EMAIL PROTECTED]>; <[EMAIL PROTECTED]> > > Sent: Wednesday, June 05, 2002 10:19 AM > > Subject: RE: a web management system for the NetGAP firewall > > appliance(off-topic) > > > > > > > > -----Original Message----- > > > > From: [EMAIL PROTECTED] > > > > [mailto:[EMAIL PROTECTED]] On Behalf Of Shay Hugi > > > > Sent: Wednesday, June 05, 2002 12:46 AM > > > > To: [EMAIL PROTECTED] > > > > Subject: Re: a web management system for the NetGAP firewall > > > > appliance(off-topic) > > > > > > > > > > > > If anyone of you guys who replied to this topic ever saw > > > > Motorola DDM, i don't think you could say such bad things > > > > about SNMP management using web based system. EVEN if it's a Firewall. > > > > > > Um, did you _read_ the thread? > > > > > > > The Motorola Docsis Device Manager, ussualy implemented on a > > > > Sun NETRA managed by X, > > > > > > Running X? OK, it's lost a point already. > > > > > > > running Apache 1.3.20, FULL Java > > > > based management system using SNMPv2 to the Motorola DCM2000 > > > > (CMTS) and the whole CAS System. including non-motorola CM's > > > > with the ability to add and compile your own equipment MIB files. > > > > > > That sounds like you're describing an Enterprise Management product for > > > carriers. That's a very different kettle of fish. > > > > > > > The DDM is truely a powerful product... with no need for any > > > > session encryption except MD5 for the login passwords. I > > > > don't see AT ALL why should a management system using SNMP > > > > and a web based (using Java) system should not run on a > > > > dedicated authenticated workstation to manage a firewall. > > > > > > You'd manage a firewall via SNMP with no encryption?? > > > Certainly...daring. Before I started doing anything like that I'd want > > > to have a complete out-of-band management network. Not many companies > > > have one of those - far less than have firewalls. > > > > > > > Lot's of cable companies who use Motorola CMTS's or > > > > RiverDelta's are using the DDM. And i've never heard anyone > > > > say'n anything bad about this system. > > > > > > I think you're describing a different sort of "management" system, with > > > different risks. I'd go over everything, but I'd just be repeating all > > > the stuff we already described. You're talking about carrier grade gear > > > for people with really different kinds of networks to other businesses. > > > > > > Try sticking a bunch of SNMP read-write manageable devices on a > > > university (college) network and see how long they last. And sure, you > > > can use this DDM thing to manage 'em if you like (but it won't help...) > > > > > > > -Shay Hugi > > > > -Mpthrill.com > > > > > > Cheers, > > > > > > -- > > > Ben Nagy > > > Network Security Specialist > > > Mb: TBA PGP Key ID: 0x1A86E304 > > > > > > > > >
_______________________________________________ Firewalls mailing list [EMAIL PROTECTED] For Account Management (unsubscribe, get/change password, etc) Please go to: http://lists.gnac.net/mailman/listinfo/firewalls
