Version: 2008

Comments on: Despite patch, today's systems still vulnerable to 2002 flaw

Researcher notes similarity (and differences) between a recent DNS patch announcement and 2002's SNMPv1 flaw.

Add a Comment (Log in or register) (6 Comments)
  • prev
  • 1
  • next
by Penguinisto July 17, 2008 2:46 PM PDT
SNMP isn't really as vital to the Internet's continued existence as I get the impression you think it to be... it's great if you want to monitor machines, but otherwise it's not got a whole lot of use out in the Internet in general, esp. compared to DNS, which world+dog uses (and doing a simple snmpwalk over SNMPv1 doesn't even require passwords... if the netAdmin is stupid enough to leave ports 161-162 wide open to the Internet, he kinda deserves what he gets).
Reply to this comment
by DanKaminsky July 17, 2008 3:45 PM PDT
Penguinisto, this was the *legendary* PROTOS suite SNMP massacre. It caused A LOT of code to need rewriting. It was really, really important work.
by Penguinisto July 20, 2008 7:17 PM PDT
I agree for its time, and I certainly do not mean to dismiss the work. But to be honest, compared with DNS?
by Penguinisto July 20, 2008 7:35 PM PDT
Bah. After my last reply, something didn't sit right in my head... and so I went back and re-read the article. Turns out I totally missed the point, in that I mistakenly thought that the author was trying to raise an alarm, when in reality he was only using the SNMP bug as a prime example of how some things (even bad ones) never die.

My apologies for the misunderstanding.
by DanKaminsky July 17, 2008 3:43 PM PDT
Sounds like Ari did a great job, and though he was foiled by someone leaking (as we were terrified of through this entire process!) what he was working on was certainly cool. I wish we, as an industry, did more of it! I don't know about the assertion the companies aren't working on improving their quality assurance procedures. The whole concept of Codenomicon -- a very cool company, I'd like to point out -- is that companies would like to find their bugs before outsiders do.

As for fame and fortune...well, DNS servers stay unpatched for a long time. I'm just trying to get people to pay attention to these nodes which really are at the core of their network. So far, so good...
Reply to this comment
by ppppxx October 11, 2008 11:29 PM PDT
As for fame and fortune...well, DNS servers stay unpatched for a long time. I'm just trying to get people to pay attention to these nodes which really are at the core of their network. So far, so good...

Türkçe Mirc : http://mirc.nsohbet.com/turkce_mirc/turkce-mirc-v633.html
Reply to this comment
(6 Comments)
  • prev
  • 1
  • next
advertisement
Click Here

15 sites that went kaput in 2009

Web sites launch all the time, but they also shut their doors. We highlight 15 that bit the dust this year.

Top 10 news stories of the decade

Let the debate begin: Was the iPhone more important than iTunes? Was anything bigger than Google finding a great business model? CNET offers its list of the 10 most important stories of the '00s.

About Defense in Depth

Covering computer viruses and computer crime, Robert Vamosi goes beyond the hype to provide you with expert interviews of the top security researchers, as well as offering the hands-on, nontechnical advice you'll need to stay safe online.

Add this feed to your online news reader

Defense in Depth topics

advertisement
advertisement
News
News site map
Latest headlines
Contact News
News staff
Corrections
CNET blogs
Popular topics
Apple iPhone
Apple iPod
Cell phones
CES 2010
GPS
LCD TV
CNET sites
CNET Site map
CNET TV
Downloads
News
Reviews
Shopper.com
More information
Newsletters
CNET Mobile
Customer Help Center
RSS
CNET Widgets
About CNET