|
Re: [nv-l] TRAP special character handling
2003-12-08 18:06:53
The point is that the level of security is up to YOU and that NetView will
not blindly run some damaging command with root authority just because some
unscrupulous source spoofed you and sent it in trap. How carefully you
check the incoming variable to determine its authenticity is up to you.
James Shanks
Level 3 Support for Tivoli NetView for UNIX and Windows
Tivoli Software / IBM Software Group
Jeff Fitzwater
<jfitz@princeton. To: Netview <nv-l AT
lists.us.ibm DOT com>
edu> cc:
Sent by: Subject: [nv-l] TRAP special
character handling
owner-nv-l@lists.
us.ibm.com
12/08/03 04:37 PM
Please respond to
nv-l
NV 7.14
Sol 8
I use a script to alert me of duplicate MAC address on router interfaces,
by running script via the RULESET.
The trap contains the address of the mac thief in CISCO format ie..
"0030.6537.6231".
This is passed to script as variable.
When I receive the trap via email/pager it shows up with the backslash
before each "decimal point", as the Netview documentation indicates it
would. "0030\.6537\.6231"
Q1 If I just use SED to replace the "\." with "." in my script that is run
from the RULESET via ovactionsvr, isn't this just circumventing the
security hole? The doc states that the ovactionsvr ESCAPES the "-" and "."
characters; My scripts removes the ESCAPE or is it SAFE at this point.
I know I can disable this feature but choose not too.
Thanks for any help.
Jeff Fitzwater
OIT Systems & Networking
Princeton University
|
|
|
