> The ability to remotely shut off alarms seems to have a slightly different > security consideration that the usual MIB document, yet this document has > the typical boilerplate.
But... it is not JUST Boilerplate !!! I did (and normally always do) ask them to be specific and explain what the vulnerabilities are and I think they did. They have in the security section:
network operations. These are the tables and objects and their sensitivity/vulnerability:
arcTITimeInterval, arcCDTimeInterval, arcState, arcNalmTimeRemaining, arcRowStatus, arcStorageType.
Setting these objects may have disruptive effects on network operation that range from omission of alarm notifications to flooding of unwanted alarm notifications from the netowrk.
Maybe you do not find that detailed/speciifc enough? But I am not sure we want them to go into detail about specific alarms, cause this table is a generic table.