Public bug reported:

A couple of times recently, I have started an Ubuntu live CD at work,
shortly after which I get an upset security guy wanting to know why my
IP address is trying to log into lots of the network infrastructure.
Sure enough I can see that as I started the live CD, all switches in the
building sent an Authentication Failed trap to their management systems,
naming my IP address as the source of the failed access attempt. IT are
suspicious enough of Linux and open source software in general as it is,
and finding out that Ubuntu is trying to access all the local network
infrastructure without permission and without the user's knowledge only
serves to prove their suspicions correct.

I have just started a live CD at home while watching it with wireshark,
and I think the cause of the problem is that the live CD broadcasts an
SNMP GET (actually, a local subnet multicast) with a community string
set to "public". I have no idea what process does this, but I think it's
a Really Bad Idea. It means I can't start a live CD at work because the
security folk will have a hissy fit, and I really can't imagine that it
would ever glean anything useful from the results anyway.

So I would like to propose that you remove this "feature" from future
releases.

I specifically saw this behaviour in the Karmic 9.10 i386 Desktop
live/installer CD.

** Affects: ubuntu
     Importance: Undecided
         Status: New

-- 
Live CT triggers security alert
https://bugs.launchpad.net/bugs/525291
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.

-- 
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
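
Added example, not part of the original report: a small Python check that decodes the community-based SNMP header from a captured UDP payload and flags the pattern the reporter saw in Wireshark, a GET sent to a broadcast or multicast address with the community string "public". The function names, the sample packet and the 192.168.1.0/24 subnet are constructed for illustration; it assumes the destination IP and UDP payload have already been extracted from a capture.

```python
import ipaddress

# Constructed sample: SNMPv1 GetRequest for sysDescr.0, community "public".
SAMPLE = bytes.fromhex("302602010004067075626c6963a01902010102010002010030"
                       "0e300c06082b060102010101000500")
PDU_TYPES = {0xA0: "GetRequest", 0xA1: "GetNextRequest", 0xA2: "GetResponse",
             0xA3: "SetRequest", 0xA5: "GetBulkRequest"}

def _tlv(buf, pos):
    """Read one BER TLV at pos; return (tag, value, next_pos)."""
    if pos + 2 > len(buf):
        raise ValueError("truncated TLV header")
    tag, length = buf[pos], buf[pos + 1]
    pos += 2
    if length & 0x80:  # long form: low 7 bits count the length octets
        n = length & 0x7F
        if n == 0 or pos + n > len(buf):
            raise ValueError("bad long-form length")
        length = int.from_bytes(buf[pos:pos + n], "big")
        pos += n
    if pos + length > len(buf):
        raise ValueError("TLV runs past end of payload")
    return tag, buf[pos:pos + length], pos + length

def parse_snmp_header(payload):
    """Return version, community and PDU type of an SNMPv1/v2c message."""
    tag, body, _ = _tlv(payload, 0)
    if tag != 0x30:
        raise ValueError("not a BER SEQUENCE")
    tag, ver, pos = _tlv(body, 0)
    version = int.from_bytes(ver, "big")
    if tag != 0x02 or version not in (0, 1):
        raise ValueError("not community-based SNMP")
    tag, community, pos = _tlv(body, pos)
    if tag != 0x04 or pos >= len(body):
        raise ValueError("missing community string or PDU")
    return {"version": ("v1", "v2c")[version],
            "community": community.decode("latin-1"),
            "pdu": PDU_TYPES.get(body[pos], hex(body[pos]))}

def is_public_snmp_sweep(dst_ip, payload, local_net):
    """True for a 'public' GET aimed at a one-to-many address."""
    dst, net = ipaddress.ip_address(dst_ip), ipaddress.ip_network(local_net)
    one_to_many = (dst.is_multicast or dst == net.broadcast_address
                   or str(dst) == "255.255.255.255")
    try:
        hdr = parse_snmp_header(payload)
    except ValueError:
        return False  # not SNMP, or malformed
    return (one_to_many and hdr["community"] == "public"
            and hdr["pdu"] in ("GetRequest", "GetNextRequest"))
```
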
