[SP-pm] Monitorar processos gerados pelo system

Solli Honorio shonorio at gmail.com
Mon Nov 23 11:43:23 PST 2009


2009/11/23 Lindolfo "Lorn" Rodrigues <lorn.br em gmail.com>

> Direto da wikipedia:
> http://en.wikipedia.org/wiki/Simple_Network_Management_Protocol#Security_implications
> <%20
> http://en.wikipedia.org/wiki/Simple_Network_Management_Protocol#Security_implications
> >
> Security implications
>
>   - SNMP versions 1 and 2c are subject to packet
> sniffing<http://en.wikipedia.org/wiki/Packet_sniffer>of the clear text
> community string from the network traffic, because they do
>   not implement encryption.
>   - All versions of SNMP are subject to brute
> force<http://en.wikipedia.org/wiki/Brute_force_attack>and dictionary
>   attacks <http://en.wikipedia.org/wiki/Dictionary_attack> for guessing
> the
>   community strings/authentication strings/authentication keys/encryption
>   strings/encryption keys, because they do not implement a
> challenge-response
>   handshake<
> http://en.wikipedia.org/wiki/Challenge-handshake_authentication_protocol>.
>   Entropy <http://en.wikipedia.org/wiki/Information_entropy> is an
>   important consideration when selecting keys, passwords and/or algorithms
>

O emails tem mais problemas que estes, e não vejo ninguém recusando a
utilização dos email.... pelo contrário, é comum ver as empresas colocarem
sistemas críticos sob o email.

-- 
"o animal satisfeito dorme". - Guimarães Rosa
-------------- Pr?xima Parte ----------
Um anexo em HTML foi limpo...
URL: <http://mail.pm.org/pipermail/saopaulo-pm/attachments/20091123/dd13d046/attachment-0001.html>


More information about the SaoPaulo-pm mailing list