[Entmib] FW: [psg.com #76] AutoReply: Security Considerations
"Sharon Chisholm" <schishol@nortelnetworks.com> Fri, 21 November 2003 15:21 UTC
Received: from optimus.ietf.org ([132.151.1.19]) by ietf.org (8.9.1a/8.9.1a) with ESMTP id KAA17625 for <entmib-archive@odin.ietf.org>; Fri, 21 Nov 2003 10:21:20 -0500 (EST)
Received: from localhost.localdomain ([127.0.0.1] helo=www1.ietf.org) by optimus.ietf.org with esmtp (Exim 4.20) id 1AND5j-0005NC-PL for entmib-archive@odin.ietf.org; Fri, 21 Nov 2003 10:21:03 -0500
Received: (from exim@localhost) by www1.ietf.org (8.12.8/8.12.8/Submit) id hALFL3fg020630 for entmib-archive@odin.ietf.org; Fri, 21 Nov 2003 10:21:03 -0500
Received: from localhost.localdomain ([127.0.0.1] helo=www1.ietf.org) by optimus.ietf.org with esmtp (Exim 4.20) id 1AND5j-0005ME-0f; Fri, 21 Nov 2003 10:21:03 -0500
Received: from odin.ietf.org ([132.151.1.176] helo=ietf.org) by optimus.ietf.org with esmtp (Exim 4.20) id 1AND5b-0005Je-SC for entmib@optimus.ietf.org; Fri, 21 Nov 2003 10:20:55 -0500
Received: from ietf-mx (ietf-mx.ietf.org [132.151.6.1]) by ietf.org (8.9.1a/8.9.1a) with ESMTP id KAA17536 for <entmib@ietf.org>; Fri, 21 Nov 2003 10:20:37 -0500 (EST)
Received: from ietf-mx ([132.151.6.1]) by ietf-mx with esmtp (Exim 4.12) id 1AND5U-0003cA-00 for entmib@ietf.org; Fri, 21 Nov 2003 10:20:48 -0500
Received: from zcars04f.nortelnetworks.com ([47.129.242.57]) by ietf-mx with esmtp (Exim 4.12) id 1AND5U-0003bQ-00 for entmib@ietf.org; Fri, 21 Nov 2003 10:20:48 -0500
Received: from zcard309.ca.nortel.com (zcard309.ca.nortel.com [47.129.242.69]) by zcars04f.nortelnetworks.com (Switch-2.2.6/Switch-2.2.0) with ESMTP id hALFKGw06100 for <entmib@ietf.org>; Fri, 21 Nov 2003 10:20:16 -0500 (EST)
Received: by zcard309.ca.nortel.com with Internet Mail Service (5.5.2653.19) id <W3H9A02A>; Fri, 21 Nov 2003 10:20:16 -0500
Message-ID: <3549C09B853DD5119B540002A52CDD340954DF8D@zcard0ka.ca.nortel.com>
From: Sharon Chisholm <schishol@nortelnetworks.com>
To: entmib@ietf.org
Date: Fri, 21 Nov 2003 10:20:14 -0500
MIME-Version: 1.0
X-Mailer: Internet Mail Service (5.5.2653.19)
Content-Type: text/plain
Subject: [Entmib] FW: [psg.com #76] AutoReply: Security Considerations
Sender: entmib-admin@ietf.org
Errors-To: entmib-admin@ietf.org
X-BeenThere: entmib@ietf.org
X-Mailman-Version: 2.0.12
Precedence: bulk
List-Unsubscribe: <https://www1.ietf.org/mailman/listinfo/entmib>, <mailto:entmib-request@ietf.org?subject=unsubscribe>
List-Id: IETF Entity MIB WG <entmib.ietf.org>
List-Post: <mailto:entmib@ietf.org>
List-Help: <mailto:entmib-request@ietf.org?subject=help>
List-Subscribe: <https://www1.ietf.org/mailman/listinfo/entmib>, <mailto:entmib-request@ietf.org?subject=subscribe>
Hi Proposed Resolution ent-state-76: Add the following to the Security Considerations section: "Note that setting the entStateAdmin to disabled can cause disruption of services ranging from those running on a port or an entire device, depending on the type of entity. Access to this object should be properly protected. Access to the objects defined in this MIB allows one to figure out what the active and standby resources in a network are. This information can be used to optimize attacks on networks so even read-only access to this MIB should be properly protected." Sharon -----Original Message----- From: entity-state [mailto:rt+entity-state@rt.psg.com] Sent: Tuesday, July 15, 2003 4:21 AM To: Chisholm, Sharon [CAR:0S00:EXCH] Subject: [psg.com #76] AutoReply: Security Considerations <clip> ------------------------------------------------------------------------- Romascanu, Dan (Dan) [dromasca@avaya.com] "The Security Considerations section should clearly articulate the operational risks of writing on entStateAdmin." Juergen Schoenwaelder [schoenw@ibr.cs.tu-bs.de] 'm) In the security section, you may want to explain that access to the objects defined in this MIB allows to figure out what the active and standby resources in a network are and that this information can be used to optimize attacks on networks. So even read-only access to this MIB should be properly protected.' _______________________________________________ Entmib mailing list Entmib@ietf.org https://www1.ietf.org/mailman/listinfo/entmib
- [Entmib] FW: [psg.com #76] AutoReply: Security Co… Sharon Chisholm
- RE: [Entmib] FW: [psg.com #76] AutoReply: Securit… Sharon Chisholm