Re: [nmrg] Re: [IRSG] review of draft-irtf-nmrg-snmp-measure-04.txt
Juergen Schoenwaelder <j.schoenwaelder@jacobs-university.de> Mon, 19 May 2008 18:31 UTC
Received: from hermes.jacobs-university.de (hermes.jacobs-university.de [212.201.44.23]) by bierator.ibr.cs.tu-bs.de (8.13.4/8.13.4/Debian-3sarge3) with ESMTP id m4JIV9P6001048 for <nmrg@ibr.cs.tu-bs.de>; Mon, 19 May 2008 20:31:14 +0200
Received: from localhost (demetrius2.jacobs-university.de [212.201.44.47]) by hermes.jacobs-university.de (Postfix) with ESMTP id 239BFC0003; Mon, 19 May 2008 20:31:09 +0200 (CEST)
X-Virus-Scanned: amavisd-new at jacobs-university.de
Received: from hermes.jacobs-university.de ([212.201.44.23]) by localhost (demetrius2.jacobs-university.de [212.201.44.32]) (amavisd-new, port 10024) with ESMTP id MarCvghtCy7P; Mon, 19 May 2008 20:31:02 +0200 (CEST)
Received: from elstar.local (elstar.iuhb02.iu-bremen.de [10.50.231.133]) by hermes.jacobs-university.de (Postfix) with ESMTP id DC10AC0011; Mon, 19 May 2008 20:31:02 +0200 (CEST)
Received: by elstar.local (Postfix, from userid 501) id 26097597A1B; Mon, 19 May 2008 20:31:02 +0200 (CEST)
Date: Mon, 19 May 2008 20:31:02 +0200
From: Juergen Schoenwaelder <j.schoenwaelder@jacobs-university.de>
To: David B Harrington <dbharrington@comcast.net>
Subject: Re: [nmrg] Re: [IRSG] review of draft-irtf-nmrg-snmp-measure-04.txt
Message-ID: <20080519183102.GA28463@elstar.local>
Mail-Followup-To: David B Harrington <dbharrington@comcast.net>, "'Karen R. Sollins'" <sollins@csail.mit.edu>, 'Internet Research Steering Group' <irsg@isi.edu>, nmrg@ibr.cs.tu-bs.de
References: <p06240404c456a78f0f60@[192.168.1.105]> <08cb01c8b9b2$7669edb0$0600a8c0@china.huawei.com>
MIME-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Content-Disposition: inline
In-Reply-To: <08cb01c8b9b2$7669edb0$0600a8c0@china.huawei.com>
User-Agent: Mutt/1.5.17 (2007-11-01)
X-IBRFilter-SpamReport: -1.951 () BAYES_20
X-Scanned-By: MIMEDefang 2.51 on 134.169.34.9
Cc: 'Internet Research Steering Group' <irsg@isi.edu>, "'Karen R. Sollins'" <sollins@csail.mit.edu>, nmrg@ibr.cs.tu-bs.de
X-BeenThere: nmrg@ibr.cs.tu-bs.de
X-Mailman-Version: 2.1.5
Precedence: list
Reply-To: j.schoenwaelder@jacobs-university.de
List-Id: Network Management Research Group <nmrg.ibr.cs.tu-bs.de>
List-Unsubscribe: <https://mail.ibr.cs.tu-bs.de/mailman/listinfo/nmrg>, <mailto:nmrg-request@ibr.cs.tu-bs.de?subject=unsubscribe>
List-Archive: <http://mail.ibr.cs.tu-bs.de/pipermail/nmrg>
List-Post: <mailto:nmrg@ibr.cs.tu-bs.de>
List-Help: <mailto:nmrg-request@ibr.cs.tu-bs.de?subject=help>
List-Subscribe: <https://mail.ibr.cs.tu-bs.de/mailman/listinfo/nmrg>, <mailto:nmrg-request@ibr.cs.tu-bs.de?subject=subscribe>
X-List-Received-Date: Mon, 19 May 2008 18:31:19 -0000
On Mon, May 19, 2008 at 09:15:49AM -0400, David B Harrington wrote: > I think something should be said that this information could be used > by an attacker (especially an attacker internal to the organization) > to decide/pinpoint where and how to attack. This information might > need to be anonymized, although that would seem to defeat the purpose > of having the information. I don't really know what to suggest here > other than to raise the point in the security considerations that such > location information might be sensitive, and could aid an attacker. I suggest to add the following text to the end of the security considerations: The meta data associated with traces and in particular information about the organization owning a network and the description of the measurement point in the network topology where a trace was collected may be misused to decide/pinpoint where and how to attack a network. Meta data therefore needs to be properly protected. In addition, I like to replace "generate XML traces" with "generate CSV or XML traces" in the first sentence of the second paragraph of the security considerations text since the rest of the paragraph applies to both trace formats and not just XML. /js -- Juergen Schoenwaelder Jacobs University Bremen gGmbH Phone: +49 421 200 3587 Campus Ring 1, 28759 Bremen, Germany Fax: +49 421 200 3103 <http://www.jacobs-university.de/>
- [nmrg] RE: [IRSG] review of draft-irtf-nmrg-snmp-… Bert Wijnen - IETF
- [nmrg] Re: [IRSG] review of draft-irtf-nmrg-snmp-… Juergen Schoenwaelder
- RE: [nmrg] Re: [IRSG] review of draft-irtf-nmrg-s… David B Harrington
- Re: [nmrg] Re: [IRSG] review of draft-irtf-nmrg-s… Juergen Schoenwaelder
- [nmrg] Re: [IRSG] review of draft-irtf-nmrg-snmp-… Karen R. Sollins
- RE: [nmrg] Re: [IRSG] review of draft-irtf-nmrg-s… David B Harrington
- [nmrg] Re: [IRSG] review of draft-irtf-nmrg-snmp-… Juergen Schoenwaelder
- [nmrg] RE: [IRSG] review of draft-irtf-nmrg-snmp-… Bert Wijnen - IETF
- [nmrg] Re: [IRSG] review of draft-irtf-nmrg-snmp-… Karen R. Sollins
- [nmrg] Re: [IRSG] review of draft-irtf-nmrg-snmp-… Juergen Schoenwaelder
- [nmrg] review of draft-irtf-nmrg-snmp-measure-04.… Karen R. Sollins
- RE: [nmrg] draft-irtf-nmrg-snmp-measure-05.txt no… Medhi, Deep
- [nmrg] draft-irtf-nmrg-snmp-measure-05.txt now mo… Bert Wijnen - IETF