Re: Testing at IETF Meetings (continued)

["Steven M. Bellovin" <smb@research.att.com>]

In message <5.1.0.14.2.20030916145251.022a8ff8@colossus.foretec.com>, "Barbara 
B. Fuller" writes:
>Dear IESG Members:
>
>I am forwarding portions of a message from Kevin Almeroth to Brett Thorson 
>containing more details about his testing plans for Minneapolis.
>
>Regards,
>
>Barbara
>---------------------------------------------------------------------------
>On Monday 15 September 2003 13:13, Kevin C. Almeroth wrote:
> > BTW, more info and a question.  (I've CC'ed the person who will be running
> > and coordinating the whole project:  Krishan Ramachandran).
> >
> > Details on what we would like:
> >
> > 1.  SNMP access (either from one of our UCSB machines or a
> > machine we put at the IETF) to each wireless AP.  From these
> > APs we want to collect data from a variety of MIBs at intervals
> > as short as one minute (or what load will allow without causing
> > problems).
> >
> > 2.  In conjunction with #1, we'd like to have access to all
> > egress traffic so we can do a tcpdump of snaplen 60 bytes.  We'll
> > provide the machine, we just need a 100 Mbps Ethernet port.
> >
> > 3.  We also want to set up a test network for supporting ad hoc
> > networking.  Basically, we'll set up 3-4 gateways at the edge
> > of the IETF network and this will provide access to people with
> > wireless cards who want to roam around using AODV.  We'll
> > eventualy be clearer about what our needs are from the IETF
> > but this is the basic idea for now.
> >
> > The question:  do you know what which vendors AP you'll be
> > using?  It makes a difference because each implements a
> > different set of MIBs (related to #1).

I'd love to see the "Security Considerations" for this plan.  I mean, 
lots of security folk monitor the wireless net for cleartext passwords, 
but this scheme will centralize it and get all such passwords, not just 
one AP at a time...


		--Steve Bellovin, http://www.research.att.com/~smb