[94328] in North American Network Operators' Group
RE: FW: [cacti-announce] Cacti 0.8.6j Released (fwd)
daemon@ATHENA.MIT.EDU (Jim Popovitch)
Thu Jan 18 17:52:19 2007
From: Jim Popovitch <jimpop@yahoo.com>
To: "Berkman, Scott" <Scott.Berkman@Reignmaker.net>
Cc: Jon Lewis <jlewis@lewis.org>,
Jeremy Chadwick <nanog@jdc.parodius.com>,
Gadi Evron <ge@linuxbox.org>, nanog@merit.edu
In-Reply-To: <8FB2C86BB1EB01498A59A762F6CD556F0BB7AFB9@MAPI.iconnection.com>
Date: Thu, 18 Jan 2007 17:51:24 -0500
Errors-To: owner-nanog@merit.edu
--=-ko1IE3RKh8IqDdtBEBxM
Content-Type: text/plain
Content-Transfer-Encoding: quoted-printable
On Thu, 2007-01-18 at 14:33 -0700, Berkman, Scott wrote:
> There is this Network Management theory called Out of Band Management.
Which is rarely properly applied. I lost count of the data centers that
block mgmt traffic from external customers, but leave internal systems
(which are often "sublet" to all sorts of external customers) wide open
to mgmt servers/devices. Unfortunately mgmt systems need access to
whatever they are monitoring, so if you're monitoring customer systems
then you are more than likely exposed and should take high-priority at
tightening your NMS systems. I know, I work for a NMS vendor and I
wouldn't sign my name certifying that our stuff is secure. It's funny
how pen testing seems to avoid NMS stuff.
-Jim P.=20
--=-ko1IE3RKh8IqDdtBEBxM
Content-Type: application/pgp-signature; name=signature.asc
Content-Description: This is a digitally signed message part
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.3 (GNU/Linux)
iD8DBQBFr/nsMyG7U7lo69MRApVxAJ9KCMFhsH2XfpRTNL1YSl+XjV6UXgCgwVIN
L1QfbtLpUH4M9BQU9q8rLtQ=
=Ozn/
-----END PGP SIGNATURE-----
--=-ko1IE3RKh8IqDdtBEBxM--
