Quoting Michal Zalewski (lcamtufat_private):
> On Tue, 15 Feb 2000, harikiri wrote:
>
> > It appears that on the above releases of AIX, the SNMP daemon is
> > enabled by default and two community names are enabled with read/write
> > privileges. The community names are "private" and "system", but are
> > only allowed from localhost connections. Nevertheless, a local user
> > may install an SNMP client, and modify sensitive variables.
>
> SNMP requests with no authentication except for source-IP comparison, are
> spoofable.
>

All recent versions of AIX discard packets with a source address of
loopback when the packet comes in on an external interface. The
following APARs have been available for over 2 years:

Abstract: SECURITY: discard loopback packets on external interfaces
4.1.x APAR: IX71366
4.2.x APAR: IX71405
4.3.x APAR: included in 4.3.0 initial release

--
Troy Bollinger troyat_private
AIX Security Development security-alertat_private
PGP keyid: 1024/0xB7783129
Troy's opinions are not IBM policy
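
The ingress rule described in the reply above (drop packets whose source address is loopback when they arrive on a non-loopback interface), as an added example that is not part of the original message and is not AIX code. The function names, the verdict enum and the sample packets are assumptions constructed for illustration; the IP header checksum is not verified here.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Verdicts of the hypothetical ingress check (names are assumptions). */
enum verdict { ACCEPT = 0, DROP_MARTIAN = 1, DROP_MALFORMED = 2 };

/* Decide whether an IPv4 packet may be accepted.
 * pkt/len: raw packet starting at the IPv4 header.
 * ingress_is_loopback: nonzero if it arrived on the loopback interface. */
enum verdict ingress_check(const uint8_t *pkt, size_t len, int ingress_is_loopback)
{
    if (pkt == NULL || len < 20)
        return DROP_MALFORMED;            /* shorter than a minimal IPv4 header */
    if ((pkt[0] >> 4) != 4)
        return DROP_MALFORMED;            /* version field is not 4 */
    size_t ihl = (size_t)(pkt[0] & 0x0f) * 4;
    if (ihl < 20 || ihl > len)
        return DROP_MALFORMED;            /* header length field is inconsistent */
    /* Source address is bytes 12..15; all of 127.0.0.0/8 is loopback, so the
     * first octet decides. Such a source is only legitimate on loopback. */
    if (pkt[12] == 127 && !ingress_is_loopback)
        return DROP_MARTIAN;
    return ACCEPT;
}

/* Constructed sample: 20-byte IPv4 header, protocol UDP, destination
 * 192.0.2.10 (documentation range), source a.b.c.d, checksum left zero. */
void build_sample(uint8_t out[20], uint8_t a, uint8_t b, uint8_t c, uint8_t d)
{
    static const uint8_t tmpl[20] = { 0x45, 0, 0, 20, 0, 0, 0, 0,
                                      64, 17, 0, 0, 0, 0, 0, 0,
                                      192, 0, 2, 10 };
    for (size_t i = 0; i < 20; i++)
        out[i] = tmpl[i];
    out[12] = a; out[13] = b; out[14] = c; out[15] = d;
}

int main(void)
{
    uint8_t p[20];
    build_sample(p, 127, 0, 0, 1);        /* claims to come from localhost */
    printf("127.0.0.1 on external iface: %d\n", ingress_check(p, sizeof p, 0));
    printf("127.0.0.1 on loopback iface: %d\n", ingress_check(p, sizeof p, 1));
    build_sample(p, 198, 51, 100, 7);     /* ordinary remote source */
    printf("198.51.100.7 on external iface: %d\n", ingress_check(p, sizeof p, 0));
    return 0;
}
```

With this rule in place, a daemon's "localhost only" source-address check can only be satisfied by traffic that actually originated on the host, which is the case harikiri's local-user concern still covers.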
This archive was generated by hypermail 2b30 : Fri Apr 13 2001 - 15:36:35 PDT