Hi,
On Tue, Feb 12, 2002 at 08:36:53AM -0800, Brett Rodgers wrote:
> It will remain obscure for awhile. In the meanwhile,
> it is in your network's best interest to upgrade.
It would be much more helpful if Cisco would publish their advisory
quickly now, now that the CERT advisory is out - especially clarifying
which configurations are vulnerable and which ones are not (like "if
you do not have 'snmp-server host ...' statements, and if you only use
'snmp-server community' with ACLs, you are not vulnerable" - if that's
the way it is).
Upgrading a large production network on the basis of nebulous "it would be
better to upgrade, you'll see!" is not good advice.
gert
--
USENET is *not* the non-clickable part of WWW!
//www.muc.de/~gert/
Gert Doering - Munich, Germany gert@greenie.muc.de
fax: +49-89-35655025 gert.doering@physik.tu-muenchen.de
This archive was generated by hypermail 2b29 : Sun Aug 04 2002 - 04:13:04 EDT