Re: Cisco Security Advisory
On 3/27/2014 7:44 PM, Alexander Neilson wrote:
I wonder if they should be invited to only post a single message with the titles and links to the alerts so that people can follow it up.
If a person is on multiple of *NOG mailing lists a lot of these're received. For example, I got well over 30 of them this round. It'd be nice to get something brief like this: ---------------------------------------------- The Semiannual Cisco IOS Software Security Advisory has been released. For information please goto this URL: http://www.cisco.com/web/about/security/intelligence/Cisco_ERP_mar14.html Advisory titles: - Session Initiation Protocol Denial of Service Vulnerability - Cisco 7600 Series Route Switch Processor 720 with 10 Gigabit Ethernet Uplinks Denial of Service Vulnerability - Internet Key Exchange Version 2 Denial of Service Vulnerability - Network Address Translation Vulnerabilities - SSL VPN Denial of Service Vulnerability - Crafted IPv6 Packet Denial of Service Vulnerability ----------------------------------------------- Not everyone uses cisco and not everyone needs to see every vulnerability detail email multiple times. Imagine if all vendors started doing what cisco is doing. :-( scott
On 3/28/2014 4:11 PM, Scott Weeks wrote:
If a person is on multiple of *NOG mailing lists a lot of these're received. For example, I got well over 30 of them this round. It'd be nice to get something brief like this:
---------------------------------------------- The Semiannual Cisco IOS Software Security Advisory has been released.
For information please goto this URL: http://www.cisco.com/web/about/security/intelligence/Cisco_ERP_mar14.html
Advisory titles: - Session Initiation Protocol Denial of Service Vulnerability - Cisco 7600 Series Route Switch Processor 720 with 10 Gigabit Ethernet Uplinks Denial of Service Vulnerability - Internet Key Exchange Version 2 Denial of Service Vulnerability - Network Address Translation Vulnerabilities - SSL VPN Denial of Service Vulnerability - Crafted IPv6 Packet Denial of Service Vulnerability -----------------------------------------------
Not everyone uses cisco and not everyone needs to see every vulnerability detail email multiple times. Imagine if all vendors started doing what cisco is doing. I hate that it's spam for some and relevant for others, but in the NSP world you can almost be certain that someone is going to have at least some Cisco equipment (even companies who are known to dislike Cisco enough to avoid them religiously have bought other companies who might have Cisco gear)
Having the vulnerability in the subject draws attention to the problems and makes people less likely to ignore it. When I see keywords of technologies I'm using, like IPv6 or 6500 I tend to read through carefully to see if I'm vulnerable. Because it can be difficult and time consuming to see if all your gear is vulnerable, If it's a bug in <obscure card I didn't buy one of> or <weird technology I haven't had a chance to run> then I'm not as diligent. I guess I might be selfish because seeing 5 advisories at once is like a giant line break in NANOG discussions, so it's harder to tune it out and skip the emails :) They could Bcc: all the lists they are sending to in one set of emails so the message-id is the same, then you could filter duplicates at least. Or they could do the summary email like you guys want, whichever makes people happy. :)
:-(
scott
:-( Robert
participants (2)
-
Robert Drake
-
Scott Weeks