[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: Ballot: Remote Network Monitoring MIB Protocol Identifier Reference to Draft Standard (Revised)
- To: IESG Secretary <iesg-secretary@ietf.org>
- Subject: Re: Ballot: Remote Network Monitoring MIB Protocol Identifier Reference to Draft Standard (Revised)
- From: "Steven M. Bellovin" <smb@research.att.com>
- Date: Wed, 11 Jun 2003 17:14:27 -0400
- Cc: Internet Engineering Steering Group <iesg@ietf.org>
In message <200306051255.IAA22857@ietf.org>, IESG Secretary writes:
>
> Yes No-Objection Discuss * Abstain
>
>Steve Bellovin [ ] [ ] [ x ] [ ]
Mmm -- I think I'd like the Security Considerations to say something
like this:
The security sensitivity of a macro is at least as great as
the sensitivity of any of its components, and sometimes greater.
For example, read access to port numbers alone is of mild
interest; the same is true for read access to host addresses
and TCP sequence numbers. However, the set of all of that
information for any one connection allows easy session
hijacking.
--Steve Bellovin, http://www.research.att.com/~smb (me)
http://www.wilyhacker.com (2nd edition of "Firewalls" book)