RE: FW: [cacti-announce] Cacti 0.8.6j Released (fwd)

• From: Jim Popovitch
• Date: Thu Jan 18 17:54:36 2007

• Domainkey-signature: a=rsa-sha1; q=dns; c=nofws; s=s1024; d=yahoo.com; h=Received:X-YMail-OSG:Subject:From:To:Cc:In-Reply-To:References:Content-Type:Date:Message-Id:Mime-Version:X-Mailer; b=GHc+gcyuNMLgBj1Uqnuvem7uoL01OOdDBeXxMUujyzwljIg16roXdpRnozsKR7h4V3e1XzJvQ/iD4AG6xhCACr69xV56+JH79zwXyuMehdak9lEUYZ36kE84ypOeKQfydt9SZXLx85wnEvFEzLmYN4t4eAVzGKmmCQP5NM//wl4= ;

On Thu, 2007-01-18 at 14:33 -0700, Berkman, Scott wrote:
> There is this Network Management theory called Out of Band Management.

Which is rarely properly applied.  I lost count of the data centers that
block mgmt traffic from external customers, but leave internal systems
(which are often "sublet" to all sorts of external customers) wide open
to mgmt servers/devices.  Unfortunately mgmt systems need access to
whatever they are monitoring, so if you're monitoring customer systems
then you are more than likely exposed and should take high-priority at
tightening your NMS systems.  I know, I work for a NMS vendor and I
wouldn't sign my name certifying that our stuff is secure.  It's funny
how pen testing seems to avoid NMS stuff.

-Jim P. 

Attachment: signature.asc
Description: This is a digitally signed message part

• References:
  • RE: FW: [cacti-announce] Cacti 0.8.6j Released (fwd) Berkman, Scott

• Prev by Date: RE: FW: [cacti-announce] Cacti 0.8.6j Released (fwd)
• Next by Date: Re: FW: [cacti-announce] Cacti 0.8.6j Released (fwd)
• Date Index
• Thread Index
• Author Index
• Historical