North American Network Operators Group

Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical

Re: it's here

  • From: Valdis.Kletnieks
  • Date: Tue Feb 12 14:35:37 2002

On Tue, 12 Feb 2002 14:22:32 EST, Sean Donelan said:

> ASN.1 is pretty cool, but I've been wondering are there that
> many ISPs which allow external SNMP access to their equipment?
> SNMP is a UDP management protocol, and even under the best of
> conditions, accepting packets from out of the blue isn't a good
> idea.

The *real* problem is that many *host* systems (Solaris, SGI, AIX,
etc) have SNMP enabled by default.  And remember that hosts outnumber
routers by a considerable margin.

The SANS Top20 listed SNMP as a "turn it off".  It was in the Top10 list
before that.

Can I stop banging my head against the wall yet?

				Valdis Kletnieks
				Computer Systems Senior Engineer
				Virginia Tech

Attachment: pgp00008.pgp
Description: PGP signature