> In summary: there's a new, big, bad, pervasive exploit for SNMP. > Quoted at the end is the relevant part of the monthly newsletter from > CounterPane.Com - they seem genuine to my eyes. The newsletter is > available in it's entirety online via: > http://www.counterpane.com/crypto-gram-0203.html > > Because of the pervasive existence of SNMP, the apparent > less-than-justified media attention and potential (DOS and/or root?) of > the problem I'm mentioning it in this list. Even if it doesn't affect > the default leaf install it may be significant to netadmins. > > My personally-interested question is: are there any raw components > of the leaf (Dachstein) distributions that are effected by this > vulnerability? Any sub-components? Do we need to update our boxen?
I believe the versions of SNMP included on my Dachstein releases are affected. The latest netsnmp package from the LEAF site may be current enough to be fixed, but you'll have to check the version numbers. You may want/need to up date your boxen...I probably need to get my act together and make a new release of Dachstein-CD. I still have a number of exploitable systems in the field (getting all remote systems updated takes a while), but they're behind pretty paranoid firewall rulesets, allowing only specific IP's to make SNMP queries. This isn't a perfect solution, but is a good example of why you want defense in deapth, and how the concept of permitting only specified services & denying everything else (vs trying to deny undesired behavior) can protect you from unforseen problems (at least for a while). NOTE: CD users can put updated packages on their floppy disk...boot times will increase slightly, but it can be easier than creating/burning a new CD. Charles Steinkuehler http://lrp.steinkuehler.net http://c0wz.steinkuehler.net (lrp.c0wz.com mirror) _______________________________________________ Leaf-user mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user
