Ben Nagy wrote:
> As I said a few times, I have nothing (much) against RO SNMP, although
> I'd prefer it if people managed to write their SNMP implementations
> better (how hard is it? You give me an OID, I give you a string.
> Sheesh.)
On a side note:
Having been involved in implementing an SNMP (read-only) agent, I
must say that I have _no_ problem in understanding why all those
vulnerabilities came to be. Decoding BER-encoded PDUs and all that
comes with it is a recipe for disaster. The people that put the "S"
in SNMP must have had a really twisted sense of humor.
(Although note that I'm in no way defending those that botched it.
The more complex something is, the more you should audit it, so,
yeah, you're definitely right.)
--
Mikael Olsson, Clavister AB
Storgatan 12, Box 393, SE-891 28 ÖRNSKÖLDSVIK, Sweden
Phone: +46 (0)660 29 92 00 Mobile: +46 (0)70 26 222 05
Fax: +46 (0)660 122 50 WWW: http://www.clavister.com
"Senex semper diu dormit"
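
Added example, not part of the original message and not code from any SNMP agent it refers to: a bounds-checked reader for one BER tag-length-value header, showing the checks that a BER decoder has to get right (long-form lengths, the indefinite form, and a declared length larger than the data actually received). The names `ber_read_tlv`, `struct ber_tlv` and the `BER_*` codes are this example's own, and rejecting multi-octet tags is a simplification made here.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Result codes (hypothetical names, defined for this example only). */
enum { BER_OK = 0, BER_TRUNCATED = -1, BER_UNSUPPORTED = -2, BER_OVERRUN = -3 };

struct ber_tlv {
    uint8_t tag;           /* identifier octet */
    const uint8_t *value;  /* points into the caller's buffer, no copy */
    size_t len;            /* value length, already checked against the buffer */
};

/* Parse one TLV header from buf[0..buflen). Never reads past buflen. */
int ber_read_tlv(const uint8_t *buf, size_t buflen, struct ber_tlv *out)
{
    size_t pos = 0, len = 0;
    if (buflen < 2)                      /* need at least tag + one length octet */
        return BER_TRUNCATED;
    out->tag = buf[pos++];
    if ((out->tag & 0x1f) == 0x1f)       /* multi-octet tag: not handled here */
        return BER_UNSUPPORTED;
    uint8_t first = buf[pos++];
    if (first < 0x80) {                  /* short form: length fits in 7 bits */
        len = first;
    } else {
        size_t n = first & 0x7f;         /* long form: n length octets follow */
        if (n == 0 || n > sizeof(size_t))/* 0x80 = indefinite form; too many octets would overflow len */
            return BER_UNSUPPORTED;
        if (n > buflen - pos)            /* length octets themselves are cut off */
            return BER_TRUNCATED;
        while (n--)
            len = (len << 8) | buf[pos++];
    }
    if (len > buflen - pos)              /* declared length exceeds the bytes we hold */
        return BER_OVERRUN;
    out->value = buf + pos;
    out->len = len;
    return BER_OK;
}

int main(void)
{
    /* Constructed input: OCTET STRING claiming 256 bytes with only 1 present. */
    const uint8_t lie[] = {0x04, 0x82, 0x01, 0x00, 0x41};
    struct ber_tlv t;
    printf("%d\n", ber_read_tlv(lie, sizeof lie, &t));
    return 0;
}
```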