Slashdot Mirror

← Back to Stories (view on slashdot.org)

Security Hole In SNMP

Posted by timothy on from the so-never-mail-passwords dept.

wiredog writes: "From ZDNET comes the news that there is apparently a serious security flaw in the Simple Network Management Protocol, used to control routers and other network devices." An anonymous reader points to the CERT advisory as well.

6 of 267 comments (clear)

  1. Well duh. by Anonymous Coward · · Score: 3, Funny

    What do you expect from a protocol named Security's Not My Problem?

  2. scary... by macsox · · Score: 2, Funny

    the scariest thing about this is that windows ships with snmp off by default, making it (at least at first) immune. what are the odds?

    --
    go get it
  3. Re:Excellent by Anonymous Coward · · Score: 2, Funny


    IANA Programmer, IANA Sysadmin, I'm just a user... Mod appropriately, please.

    Ahh, the mark of someone trolling for karma.


    But still, this notice strikes me as excellent

    Really? I thought it was the clueless stick that strikes you. daily. The notice is no different than any other Cert notice.


    First, it draws attention to a hole that can be patched

    Just like every other security hole notice...


    and I'm sure a number of programmers are grabbing down what source they can to implement a fix for it.

    Wow. You're right. 0 is a number.


    Second, while the magnitude of impact may be great, it's sure a change from the near-weekly "a hole has been found in Microsoft Product X" announcements we get.

    While the magnitude of imoact of an asteroid hitting the earth may be great, it's sure a change from the near-weekly "an airport was shutdown due to a putz forgetting his camera" accouncements we get.


    It stands out because we don't get "Major security hole in basic technologies" announcements very often - usually they're linked to some broken MS implementation of it,

    Right. Like bugs in Microsoft Sendmail. Or Microsoft WuFTP. Or Microsoft Red Hat linux.


    Plus, it goes to show that the Internet is an interdependent community that relies on basic technologies to work, rather than perpetuating the myth that Microsoft *is* the Internet.

    Even more of the obligatory MS sucks, trying to dissipate the blame.


    And the community will either fix the problem, or adopt a new, more rigorous standard.

    Which explains why XWindows is the Linux windowing system of choice.


    And speaking of rigorous, isn't it nice that the basic standard has stood up this long under heavy usage? Can MAPI32 say the same thing? Or VBScripting? Or IIS?

    And speaking of apples and oranges, do you understand the difference between a standard and an implementation?


    I love watching big stuff break for two reasons - I'm a pyromaniac who loves to see thinks go up in flames, and I'm always uplifted by a well-executed community response.

    What's your point again?

  4. S.N.M.P. by Anonymous Coward · · Score: 2, Funny

    Security's
    Not
    My
    Problem!

  5. Re:Wrong summation (again). by timothiy · · Score: 5, Funny

    Screw you! I read it. I just didn't understand it. And what, you think that's going to stop me from posting a story? Like that's stopped me before.

    --
    Karma: Terrible (mostly affected by moderation done to your comments)
  6. Re:Not a SNMP hole by Dwonis · · Score: 3, Funny

    It's not really MS bashing if it's true.