[c-nsp] Looking-glass software?

Saku Ytti saku at ytti.fi
Thu May 18 15:08:25 EDT 2017


On 18 May 2017 at 21:47, Patrick M. Hausen <hausen at punkt.de> wrote:
> I am in no way planning to make this public. We have had routerproxy in
> place as a convenient tool for our own admins, specifically the ones who
> are not IOS gurus and just want to look up stuff, not configure the systems.

I get that, but you shouldn't use system() or back-ticks ever,
regardless security posture. Because it is 0 cost to do this right
(e.g. popen) versus wrong, so you have no upside on the wrong way.
Also, you may intend it internal use only, but then you leave the
company, and customer RFP mandates looking glass, and fastest way to
do it, is to expose the NOC tool to customer.

-- 
  ++ytti


More information about the cisco-nsp mailing list