Public bug reported:

A couple of times recently, I have started an Ubuntu live CD at work, shortly after which I get an upset security guy wanting to know why my IP address is trying to log into lots of the network infrastructure. Sure enough I can see that as I started the live CD, all switches in the building sent an Authentication Failed trap to their management systems, naming my IP address as the source of the failed access attempt. IT are suspicious enough of Linux and open source software in general as it is, and finding out that Ubuntu is trying to access all the local network infrastructure without permission and without the user's knowledge only serves to prove their suspicions correct.

I have just started a live CD at home while watching it with wireshark, and I think the cause of the problem is that the live CD broadcasts an SNMP GET (actually, a local subnet multicast) with a community string set to "public". I have no idea what process does this, but I think it's a Really Bad Idea. It means I can't start a live CD at work because the security folk will have a hissy fit, and I really can't imagine that it would ever glean anything useful from the results anyway. So I would like to propose that you remove this "feature" from future releases.

I specifically saw this behaviour in the Karmic 9.10 i386 Desktop live/installer CD.

** Affects: ubuntu
     Importance: Undecided
         Status: New

--
Live CT triggers security alert
https://bugs.launchpad.net/bugs/525291
You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu.

--
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs