My point exactly. However, if one is bound and determined to use SNMP, then better to have it on the router so that if it is compromised there is still a firewall between it and your LAN.
If the firewall is compromised, there's nothing left. Mike Burden Lynk Systems http://www.lynk.com (616)532-4985 [EMAIL PROTECTED] > -----Original Message----- > From: Frank Zastawnik [mailto:[EMAIL PROTECTED]] > Sent: Wednesday, May 22, 2002 1:36 PM > To: [EMAIL PROTECTED] > Subject: RE: [gb-users] SNMP Management > > > My thoughts are any device outside a firewall that is SNMP > enabled is a > risk, even a router. Yes you can do ACLs but if the firewall was SNMP > enabled you could have similar rules about attatchment to it. > > And being able to monitor traffic at the firewall would allow > one to see > what is happening on all interfaces (whether SNMP is available via and > interface or not) thus letting you see what traffic is > hitting the public > and the private and allow you to possibly see what isn't > making it though as > well, all in real time. > > > > -----Original Message----- > From: Mike Burden [mailto:[EMAIL PROTECTED]] > Sent: Wednesday, May 22, 2002 1:31 PM > To: [EMAIL PROTECTED] > Subject: RE: [gb-users] SNMP Management > > > For traffic and trend analysis, why not monitor the router instead? > > Mike Burden > Lynk Systems > http://www.lynk.com > (616)532-4985 > [EMAIL PROTECTED] > > > > -----Original Message----- > > From: Woloss, Rick (INV-EDH) [mailto:[EMAIL PROTECTED]] > > Sent: Wednesday, May 22, 2002 1:27 PM > > To: Mike Burden > > Subject: RE: [gb-users] SNMP Management > > > > > > I guess that's your opinion. But much needed for Trend > > analysis data and so > > on. I did get a response from GTA saying they are going to > > add it as a > > feature at some point but don't know when. > > > > Rick Woloss > > Network Engineer > > |D|S|T| INNOVIS TM > > connecting people through technology > > work (916) 941-4262 > > mobile (916) 296-7465 > > [EMAIL PROTECTED] > > > > > > -----Original Message----- > > From: Mike Burden [mailto:[EMAIL PROTECTED]] > > Sent: Wednesday, May 22, 2002 10:21 AM > > To: Woloss, Rick (INV-EDH) > > Subject: RE: [gb-users] SNMP Management > > > > > > Community string or not, I don't consider SNMP to be an acceptable > > security risk on a firewall. Way too much exposure for way > too little > > gain. > > > > Mike Burden > > Lynk Systems > > http://www.lynk.com > > (616)532-4985 > > [EMAIL PROTECTED] > > > > > > > -----Original Message----- > > > From: Woloss, Rick (INV-EDH) [mailto:[EMAIL PROTECTED]] > > > Sent: Wednesday, May 22, 2002 1:17 PM > > > To: Mike Burden; [EMAIL PROTECTED] > > > Subject: RE: [gb-users] SNMP Management > > > > > > > > > Thats what community strings are for. If someone is'nt smart > > > enough to > > > change the default Read-Only from public, then thats > their problem. > > > > > > Rick Woloss > > > Network Engineer > > > |D|S|T| INNOVIS TM > > > connecting people through technology > > > work (916) 941-4262 > > > mobile (916) 296-7465 > > > [EMAIL PROTECTED] > > > > > > > > > -----Original Message----- > > > From: Mike Burden [mailto:[EMAIL PROTECTED]] > > > Sent: Wednesday, May 22, 2002 10:16 AM > > > To: [EMAIL PROTECTED] > > > Subject: RE: [gb-users] SNMP Management > > > > > > > > > Why bother to have a firewall if it's not going to be > > > as secure as you can make it? > > > > > > Mike Burden > > > Lynk Systems > > > http://www.lynk.com > > > (616)532-4985 > > > [EMAIL PROTECTED] > > > > > > > > > > -----Original Message----- > > > > From: Woloss, Rick (INV-EDH) [mailto:[EMAIL PROTECTED]] > > > > Sent: Wednesday, May 22, 2002 1:14 PM > > > > To: Mike Burden; [EMAIL PROTECTED] > > > > Subject: RE: [gb-users] SNMP Management > > > > > > > > > > > > No Joke pal. > > > > > > > > Rick Woloss > > > > Network Engineer > > > > |D|S|T| INNOVIS TM > > > > connecting people through technology > > > > work (916) 941-4262 > > > > mobile (916) 296-7465 > > > > [EMAIL PROTECTED] > > > > > > > > > > > > -----Original Message----- > > > > From: Mike Burden [mailto:[EMAIL PROTECTED]] > > > > Sent: Wednesday, May 22, 2002 10:12 AM > > > > To: [EMAIL PROTECTED] > > > > Subject: RE: [gb-users] SNMP Management > > > > > > > > > > > > SNMP on the firewall? Please tell me that you're joking! > > > > > > > > Mike Burden > > > > Lynk Systems > > > > http://www.lynk.com > > > > (616)532-4985 > > > > [EMAIL PROTECTED] > > > > > > > > > > > > > -----Original Message----- > > > > > From: Woloss, Rick (INV-EDH) > > [mailto:[EMAIL PROTECTED]] > > > > > Sent: Tuesday, May 21, 2002 6:25 PM > > > > > To: [EMAIL PROTECTED] > > > > > Subject: [gb-users] SNMP Management > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > Ver3.1.3 GB1000 > > > > > Is anyone able to SNMP monitor this appliance. Is their a > > > > > configurable > > > > > community string. > > > > > > > > > > Thanks in advance > > > > > Rick Woloss > > > > > Network Engineer > > > > > |D|S|T| INNOVIS TM > > > > > connecting people through technology > > > > > work (916) 941-4262 > > > > > mobile (916) 296-7465 > > > > > [EMAIL PROTECTED] > > > > > > > > > > > > > > > > > > > > > > > > > Notice: This e-mail and any attachments are intended > > only for the > > > > > individual or company to which it is addressed and may > > > > > contain information > > > > > which is privileged, confidential and prohibited from > > > disclosure or > > > > > unauthorized use under applicable law. If you are not > > > the intended > > > > > recipient of this e-mail, you are hereby notified > that any use, > > > > > dissemination, or copying of this e-mail or the information > > > > > contained in this e-mail is strictly prohibited by > the sender. > > > > > If you have received this > > > > > transmission in error, please return the material received to > > > > > the sender and > > > > > delete all copies from your system. Thank you. > > > > > > > > > > > > > > > Notice: This e-mail and any attachments are intended > > only for the > > > > > individual or company to which it is addressed and may > > > > > contain information > > > > > which is privileged, confidential and prohibited from > > > disclosure or > > > > > unauthorized use under applicable law. If you are not > > > the intended > > > > > recipient of this e-mail, you are hereby notified > that any use, > > > > > dissemination, or copying of this e-mail or the information > > > > > contained in this e-mail is strictly prohibited by > the sender. > > > > > If you have received this > > > > > transmission in error, please return the material received to > > > > > the sender and > > > > > delete all copies from your system. Thank you. > > > > > > > > > > > > > > > > > > > > --------------------------------------------------------------------- > > > > > To unsubscribe, e-mail: [EMAIL PROTECTED] > > > > > To subscribe to the digest version first unsubscribe, then > > > > > e-mail: [EMAIL PROTECTED] > > > > > For additional commands, e-mail: > [EMAIL PROTECTED] Archive > > > > > of the last 1000 messages: > > > > > http://www.mail-archive.com/[email protected] > > > > > > > > > > > > > > > > > > > > > > > > --------------------------------------------------------------------- > > > > To unsubscribe, e-mail: [EMAIL PROTECTED] > > > > To subscribe to the digest version first unsubscribe, then > > > > e-mail: [EMAIL PROTECTED] > > > > For additional commands, e-mail: [EMAIL PROTECTED] > Archive of > > > > the last 1000 messages: > > > > http://www.mail-archive.com/[email protected] > > > > > > > > > > > > Notice: This e-mail and any attachments are intended > only for the > > > > individual or company to which it is addressed and may contain > > > > information which is privileged, confidential and > prohibited from > > disclosure or > > > > unauthorized use under applicable law. If you are not > > the intended > > > > recipient of this e-mail, you are hereby notified that any use, > > > > dissemination, or copying of this e-mail or the information > > > > contained in this e-mail is strictly prohibited by the > sender. If > > > > you have received this > > > > transmission in error, please return the material received to > > > > the sender and > > > > delete all copies from your system. Thank you. > > > > > > > > > > > > > --------------------------------------------------------------------- > > > To unsubscribe, e-mail: [EMAIL PROTECTED] > > > To subscribe to the digest version first unsubscribe, then > > > e-mail: [EMAIL PROTECTED] > > > For additional commands, e-mail: [EMAIL PROTECTED] > > > Archive of the last 1000 messages: > > > http://www.mail-archive.com/[email protected] > > > > > > > > > Notice: This e-mail and any attachments are intended only for the > > > individual or company to which it is addressed and may > > > contain information > > > which is privileged, confidential and prohibited from > disclosure or > > > unauthorized use under applicable law. If you are not > the intended > > > recipient of this e-mail, you are hereby notified that any use, > > > dissemination, or copying of this e-mail or the information > > > contained in > > > this e-mail is strictly prohibited by the sender. If you > > > have received this > > > transmission in error, please return the material received to > > > the sender and > > > delete all copies from your system. Thank you. > > > > > > > > > Notice: This e-mail and any attachments are intended only for the > > individual or company to which it is addressed and may > > contain information > > which is privileged, confidential and prohibited from disclosure or > > unauthorized use under applicable law. If you are not the intended > > recipient of this e-mail, you are hereby notified that any use, > > dissemination, or copying of this e-mail or the information > > contained in > > this e-mail is strictly prohibited by the sender. If you > > have received this > > transmission in error, please return the material received to > > the sender and > > delete all copies from your system. Thank you. > > > > --------------------------------------------------------------------- > To unsubscribe, e-mail: [EMAIL PROTECTED] > To subscribe to the digest version first unsubscribe, then > e-mail: [EMAIL PROTECTED] > For additional commands, e-mail: [EMAIL PROTECTED] > Archive of the last 1000 messages: > http://www.mail-archive.com/[email protected] > > --------------------------------------------------------------------- > To unsubscribe, e-mail: [EMAIL PROTECTED] > To subscribe to the digest version first unsubscribe, then > e-mail: [EMAIL PROTECTED] > For additional commands, e-mail: [EMAIL PROTECTED] > Archive of the last 1000 messages: > http://www.mail-archive.com/[email protected] > > --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] To subscribe to the digest version first unsubscribe, then e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] Archive of the last 1000 messages: http://www.mail-archive.com/[email protected]
