Re: [nsp] CSCdw65903

• Next message: jp@pour.midcoast.com: "[nsp] traffic limiting ports"
• Previous message: Steve Pfister: "[nsp] CBAC and performance"
• In reply to: Brett Rodgers: "Re: [nsp] CSCdw65903"
• Next in thread: Chris Whyte: "RE: [nsp] CSCdw65903"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
• Mail actions: [ respond to this message ] [ mail a new topic ]

Hi,

On Tue, Feb 12, 2002 at 08:36:53AM -0800, Brett Rodgers wrote:
> It will remain obscure for awhile. In the meanwhile,
> it is in your network's best interest to upgrade.

It would be much more helpful if Cisco would publish their advisory
quickly now, now that the CERT advisory is out - especially clarifying
which configurations are vulnerable and which ones are not (like "if
you do not have 'snmp-server host ...' statements, and if you only use
'snmp-server community' with ACLs, you are not vulnerable" - if that's
the way it is).

Upgrading a large production network on the basis of nebulous "it would be
better to upgrade, you'll see!" is not good advice.

gert

-- 
USENET is *not* the non-clickable part of WWW!
                                                           //www.muc.de/~gert/
Gert Doering - Munich, Germany                             gert@greenie.muc.de
fax: +49-89-35655025                        gert.doering@physik.tu-muenchen.de

• Next message: jp@pour.midcoast.com: "[nsp] traffic limiting ports"
• Previous message: Steve Pfister: "[nsp] CBAC and performance"
• In reply to: Brett Rodgers: "Re: [nsp] CSCdw65903"
• Next in thread: Chris Whyte: "RE: [nsp] CSCdw65903"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
• Mail actions: [ respond to this message ] [ mail a new topic ]

This archive was generated by hypermail 2b29 : Sun Aug 04 2002 - 04:13:33 EDT