[geeks] snmp vunerabilities
Bjorn Ramqvist
brt at g.haggve.se
Wed Feb 13 01:40:32 CST 2002
"Peter L. Wargo" wrote:
>
> On Tue, 12 Feb 2002, Bill Bradford wrote:
>
> Ya know what bites about these things? The amount of resources that it
> takes to generate the patches, then test them with *every* test
> combination. I wonder how much companies like IBM, Sun, and HP spend on
> security fixes every year...
>
> (Notice I left mickeysoft out. I know their budget must be a whole $0.50
> or so...)
Yeah, and it shows up in their "quick solutions".
Looking at the CERT advisory, in short:
Cisco:
"We are working on it right now."
Compaq:
"We are investigating and you should expect a patch soon."
Mickey$oft:
"Turn off SNMP v1."
Heh... Sounds to me like:
"Why not shut down all servers? Then we can't get any security-holes
either!"
:-)
--
Vdnliga hdlsningar/Best Regards
Bjvrn Ramqvist, Hdgglunds Vehicle AB
More information about the geeks
mailing list