6 Mar
2002
6 Mar
'02
10:42 a.m.
On Wed, 6 Mar 2002, Steven M. Bellovin wrote:
I was agreeing with Eric's point. I've been saying this for years. My comment about the packet filter was to deal with services that are needed for some internal purposes, but for some reason can't protect themselves. Right now, that's snmp -- you may have snmpd running on your mail server, but given the recent CERT advisory you need to keep the bad guys away from it. (Yes, you should install fixed code -- but given how many components were affected by that advisory, it's quite obvious that no one has had time to test the fixes properly.)
Okey-dokey :) I missed that part (the agreement part)