[nsp-sec] [TLP:Yellow] Possible IOS(-XR) SNMP security issue

[Chris Morrow]

At Mon, 30 Oct 2017 10:22:45 +0100,
Dominik Bay <db at rrbone.net> wrote:
> 
> ----------- nsp-security Confidential --------
> - SNMP RW access and bypassing SNMP ACLs via IP-Spoofing

it's worth remembering, I think, that the access-list applied to a
community is not really a packet filter, you would also want to make
sure your iACL setup is complete, and drops your net-management
station address(es) at your customer/peering edge.

(also, turn off snmp writes)

-chris