[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] Re: [FW1] SNMP on FW-1 machine
Unfortunately, in some cases, the firewall need to be monitored by HP Openview or BMC Patrol, and we are told to run SNMP on firewall. Any solution? Does stealth rule with IP spoofing configured enough to block the malicious activities? --- "Aaron D. Turner" <[email protected]> wrote: > -----BEGIN PGP SIGNED MESSAGE----- > Hash: SHA1 > > > It does not need to be running/installed and almost > without exception you > should get rid of it due to the security > implications. (The only time I > can see it running is if you're using a SNMPv3 agent > utilizing encryption > and strong authentication.) > > - -- > Aaron D. Turner Security Architect, OneSecure > http://www.onesecure.com/ > [email protected] work:cell: >> pub 1024D/1B57EB4D 2000-09-27 Aaron D. Turner > <[email protected]> > Key fingerprint = F90C BFB4 4404 5504 295D > 4435 578B 1DD5 1B57 EB4D > All emails by me are PGP signed; an invalid > signature indicates a forgery. > > On Thu, 14 Dec 2000, Wonder Kid wrote: > > > > > Hi, > > > > Does anyone know whether FW-1 need SNMP services > to be > > turned on on NT4 or Solaris? > > > > If SNMP service is turned on NT4 or Solaris with > FW-1 > > installed, and no further configuration is done, > i.e. > > community strings etc were not changed, does it > has > > impact on FW-1? > > > > Microsoft had just released patches to resolve the > > registry key vulnerability related to SNMP > > > __________________________________________________ Do You Yahoo!? Yahoo! Shopping - Thousands of Stores. Millions of Products. http://shopping.yahoo.com/ ================================================================================ To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ================================================================================
|