RE: [Entmib] FW: [psg.com #76] AutoReply: Security Considerations
"Sharon Chisholm" <schishol@nortelnetworks.com> Fri, 21 November 2003 15:25 UTC
Received: from optimus.ietf.org ([132.151.1.19]) by ietf.org (8.9.1a/8.9.1a) with ESMTP id KAA17749 for <entmib-archive@odin.ietf.org>; Fri, 21 Nov 2003 10:25:18 -0500 (EST)
Received: from localhost.localdomain ([127.0.0.1] helo=www1.ietf.org) by optimus.ietf.org with esmtp (Exim 4.20) id 1AND9Z-0005VJ-Qu for entmib-archive@odin.ietf.org; Fri, 21 Nov 2003 10:25:01 -0500
Received: (from exim@localhost) by www1.ietf.org (8.12.8/8.12.8/Submit) id hALFP1Ej021133 for entmib-archive@odin.ietf.org; Fri, 21 Nov 2003 10:25:01 -0500
Received: from localhost.localdomain ([127.0.0.1] helo=www1.ietf.org) by optimus.ietf.org with esmtp (Exim 4.20) id 1AND9Z-0005UO-26; Fri, 21 Nov 2003 10:25:01 -0500
Received: from odin.ietf.org ([132.151.1.176] helo=ietf.org) by optimus.ietf.org with esmtp (Exim 4.20) id 1AND8u-0005Ta-Gd for entmib@optimus.ietf.org; Fri, 21 Nov 2003 10:24:20 -0500
Received: from ietf-mx (ietf-mx.ietf.org [132.151.6.1]) by ietf.org (8.9.1a/8.9.1a) with ESMTP id KAA17725 for <entmib@ietf.org>; Fri, 21 Nov 2003 10:24:06 -0500 (EST)
Received: from ietf-mx ([132.151.6.1]) by ietf-mx with esmtp (Exim 4.12) id 1AND8s-0003gM-00 for entmib@ietf.org; Fri, 21 Nov 2003 10:24:18 -0500
Received: from zcars0m9.nortelnetworks.com ([47.129.242.157]) by ietf-mx with esmtp (Exim 4.12) id 1AND8r-0003fz-00 for entmib@ietf.org; Fri, 21 Nov 2003 10:24:17 -0500
Received: from zcard309.ca.nortel.com (zcard309.ca.nortel.com [47.129.242.69]) by zcars0m9.nortelnetworks.com (Switch-2.2.6/Switch-2.2.0) with ESMTP id hALFNkD24827 for <entmib@ietf.org>; Fri, 21 Nov 2003 10:23:46 -0500 (EST)
Received: by zcard309.ca.nortel.com with Internet Mail Service (5.5.2653.19) id <W3H9A0LW>; Fri, 21 Nov 2003 10:23:46 -0500
Message-ID: <3549C09B853DD5119B540002A52CDD340954DFA0@zcard0ka.ca.nortel.com>
From: Sharon Chisholm <schishol@nortelnetworks.com>
To: entmib@ietf.org
Subject: RE: [Entmib] FW: [psg.com #76] AutoReply: Security Considerations
Date: Fri, 21 Nov 2003 10:23:45 -0500
MIME-Version: 1.0
X-Mailer: Internet Mail Service (5.5.2653.19)
Content-Type: text/plain
Sender: entmib-admin@ietf.org
Errors-To: entmib-admin@ietf.org
X-BeenThere: entmib@ietf.org
X-Mailman-Version: 2.0.12
Precedence: bulk
List-Unsubscribe: <https://www1.ietf.org/mailman/listinfo/entmib>, <mailto:entmib-request@ietf.org?subject=unsubscribe>
List-Id: IETF Entity MIB WG <entmib.ietf.org>
List-Post: <mailto:entmib@ietf.org>
List-Help: <mailto:entmib-request@ietf.org?subject=help>
List-Subscribe: <https://www1.ietf.org/mailman/listinfo/entmib>, <mailto:entmib-request@ietf.org?subject=subscribe>
Hi Oops. Make that "locked or shuttingDown" instead of disabled for the first one. Sharon -----Original Message----- From: Chisholm, Sharon [CAR:0S00:EXCH] Sent: Friday, November 21, 2003 10:20 AM To: entmib@ietf.org Subject: [Entmib] FW: [psg.com #76] AutoReply: Security Considerations Hi Proposed Resolution ent-state-76: Add the following to the Security Considerations section: "Note that setting the entStateAdmin to disabled can cause disruption of services ranging from those running on a port or an entire device, depending on the type of entity. Access to this object should be properly protected. Access to the objects defined in this MIB allows one to figure out what the active and standby resources in a network are. This information can be used to optimize attacks on networks so even read-only access to this MIB should be properly protected." Sharon -----Original Message----- From: entity-state [mailto:rt+entity-state@rt.psg.com] Sent: Tuesday, July 15, 2003 4:21 AM To: Chisholm, Sharon [CAR:0S00:EXCH] Subject: [psg.com #76] AutoReply: Security Considerations <clip> ------------------------------------------------------------------------- Romascanu, Dan (Dan) [dromasca@avaya.com] "The Security Considerations section should clearly articulate the operational risks of writing on entStateAdmin." Juergen Schoenwaelder [schoenw@ibr.cs.tu-bs.de] 'm) In the security section, you may want to explain that access to the objects defined in this MIB allows to figure out what the active and standby resources in a network are and that this information can be used to optimize attacks on networks. So even read-only access to this MIB should be properly protected.' _______________________________________________ Entmib mailing list Entmib@ietf.org https://www1.ietf.org/mailman/listinfo/entmib _______________________________________________ Entmib mailing list Entmib@ietf.org https://www1.ietf.org/mailman/listinfo/entmib
- [Entmib] FW: [psg.com #76] AutoReply: Security Co… Sharon Chisholm
- RE: [Entmib] FW: [psg.com #76] AutoReply: Securit… Sharon Chisholm