nv-l
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

Re: [nv-l] TRAP special character handling

from [James Shanks] [Permanent Link][Original]
To: nv-l@lists.us.ibm.com
Subject: Re: [nv-l] TRAP special character handling
From: James Shanks <jshanks@us.ibm.com>
Date: Mon, 8 Dec 2003 17:37:35 -0500
Delivery-date: Mon, 08 Dec 2003 23:06:54 +0000
Envelope-to: nv-l-archive@lists.skills-1st.co.uk
Reply-to: nv-l@lists.us.ibm.com
Sender: owner-nv-l@lists.us.ibm.com 



The point is that the level of security is up to YOU and that NetView will
not blindly run some damaging command with root authority just because some
unscrupulous source spoofed you and sent it in trap.   How carefully you
check the incoming variable to determine its authenticity is up to you.

James Shanks
Level 3 Support  for Tivoli NetView for UNIX and Windows
Tivoli Software / IBM Software Group


                                                                                
                              
                      Jeff Fitzwater                                            
                              
                      <jfitz@princeton.        To:       Netview 
<nv-l@lists.us.ibm.com>                      
                      edu>                     cc:                              
                              
                      Sent by:                 Subject:  [nv-l] TRAP special 
character handling               
                      owner-nv-l@lists.                                         
                              
                      us.ibm.com                                                
                              
                                                                                
                              
                                                                                
                              
                      12/08/03 04:37 PM                                         
                              
                      Please respond to                                         
                              
                      nv-l                                                      
                              
                                                                                
                              
                                                                                
                              




NV 7.14
Sol 8


I use a script to alert me of duplicate MAC address on router interfaces,
by running script via the RULESET.


The trap contains the  address of the mac thief in CISCO format ie..
"0030.6537.6231".


This is passed to script as variable.


When I receive the trap via email/pager it shows up with the backslash
before each "decimal point", as the Netview documentation indicates it
would.   "0030\.6537\.6231"


Q1  If I just use SED to replace the "\." with "." in my script that is run
from the RULESET via ovactionsvr,  isn't this just circumventing the
security hole?  The doc states that the ovactionsvr ESCAPES the "-" and "."
characters;  My scripts removes the ESCAPE or is it SAFE at this point.


I know I can disable this feature but choose not too.



Thanks for any help.




Jeff Fitzwater
OIT Systems & Networking
Princeton University
[More with this subject...]
<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  RE: [nv-l] servmon and itmquery in NV 7.1.4, James Shanks
Next by Date:  Re: [nv-l] SNMP Polling via a MLM, Paul
Previous by Thread:  [nv-l] TRAP special character handling, Jeff Fitzwater
Next by Thread:  [nv-l] webserver / jetty resource hogging, Qureshi, Fawad
Indexes:  [Date] [Thread] [Top] [All Lists]

Archive operated by Skills 1st Ltd

See also: The NetView Web