[SP-pm] Monitorar processos gerados pelo system
Solli Honorio
shonorio at gmail.com
Mon Nov 23 11:43:23 PST 2009
2009/11/23 Lindolfo "Lorn" Rodrigues <lorn.br em gmail.com>
> Direto da wikipedia:
> http://en.wikipedia.org/wiki/Simple_Network_Management_Protocol#Security_implications
> <%20
> http://en.wikipedia.org/wiki/Simple_Network_Management_Protocol#Security_implications
> >
> Security implications
>
> - SNMP versions 1 and 2c are subject to packet
> sniffing<http://en.wikipedia.org/wiki/Packet_sniffer>of the clear text
> community string from the network traffic, because they do
> not implement encryption.
> - All versions of SNMP are subject to brute
> force<http://en.wikipedia.org/wiki/Brute_force_attack>and dictionary
> attacks <http://en.wikipedia.org/wiki/Dictionary_attack> for guessing
> the
> community strings/authentication strings/authentication keys/encryption
> strings/encryption keys, because they do not implement a
> challenge-response
> handshake<
> http://en.wikipedia.org/wiki/Challenge-handshake_authentication_protocol>.
> Entropy <http://en.wikipedia.org/wiki/Information_entropy> is an
> important consideration when selecting keys, passwords and/or algorithms
>
O emails tem mais problemas que estes, e não vejo ninguém recusando a
utilização dos email.... pelo contrário, é comum ver as empresas colocarem
sistemas críticos sob o email.
--
"o animal satisfeito dorme". - Guimarães Rosa
-------------- Pr?xima Parte ----------
Um anexo em HTML foi limpo...
URL: <http://mail.pm.org/pipermail/saopaulo-pm/attachments/20091123/dd13d046/attachment-0001.html>
More information about the SaoPaulo-pm
mailing list