Re: [nsp] CSCdw65903

From: Gert Doering (gert@greenie.muc.de)
Date: Tue Feb 12 2002 - 15:41:14 EST


Hi,

On Tue, Feb 12, 2002 at 08:36:53AM -0800, Brett Rodgers wrote:
> It will remain obscure for awhile. In the meanwhile,
> it is in your network's best interest to upgrade.

It would be much more helpful if Cisco would publish their advisory
quickly now, now that the CERT advisory is out - especially clarifying
which configurations are vulnerable and which ones are not (like "if
you do not have 'snmp-server host ...' statements, and if you only use
'snmp-server community' with ACLs, you are not vulnerable" - if that's
the way it is).

Upgrading a large production network on the basis of nebulous "it would be
better to upgrade, you'll see!" is not good advice.

gert

-- 
USENET is *not* the non-clickable part of WWW!
                                                           //www.muc.de/~gert/
Gert Doering - Munich, Germany                             gert@greenie.muc.de
fax: +49-89-35655025                        gert.doering@physik.tu-muenchen.de



This archive was generated by hypermail 2b29 : Sun Aug 04 2002 - 04:13:04 EDT