snmp for security devices - DG-IDoT - mailman.kantarainitiative.org

newer
Todays IDoT Confcall

snmp for security devices

older
Challenges from the Identities of...

Salvatore D'Agostino

17 Dec 2013 17 Dec '13

6:01 p.m.

All, I think I may have already sent this to the list. It is what I talked to on the call. There is a presentation with further background on the page. http://www.siaonline.org/Pages/Standards/SNMP-Subcommittee.aspx Happy holidays. Sal Salvatore D'Agostino, CSCIP IDmachines LLC |1264 Beacon Street, #5 | Brookline, MA 02446 | USA http:\\www.idmachines.com http://www.idmachines.com/ | http:\\idmachines.blogspot.com http://idmachines.blogspot.com/ | @idmachines +1 617.201.4809 ph | +1 617.812.6495 fax

Attachments:

attachment.html (text/html — 2.8 KB)
smime.p7s (application/x-pkcs7-signature — 5.9 KB)

Reply

Sign in to reply online Use email software

Show replies by date

Scott Shorter

17 Dec 17 Dec

7:07 p.m.

Thanks Sal, very helpful presentation. Slide 9 makes me sad, though. MD5 and DES should be extinct. Algorithm flexibility, please! Best, Scott On Tue, Dec 17, 2013 at 1:01 PM, Salvatore D'Agostino wrote:

All,

I think I may have already sent this to the list. It is what I talked to on the call. There is a presentation with further background on the page.

http://www.siaonline.org/Pages/Standards/SNMP-Subcommittee.aspx

Happy holidays.

Sal

Salvatore D'Agostino, CSCIP

IDmachines LLC |1264 Beacon Street, #5 | Brookline, MA 02446 | USA

http:\\www.idmachines.com http://www.idmachines.com/ | http:\\idmachines.blogspot.com http://idmachines.blogspot.com/ | @idmachines

+1 617.201.4809 ph | +1 617.812.6495 fax

_______________________________________________ DG-IDoT mailing list DG-IDoT@kantarainitiative.org http://kantarainitiative.org/mailman/listinfo/dg-idot

-- Scott Shorter, Principal Security Engineer, Electrosoft Services Inc. sshorter@electrosoft-inc.com O: 703-437-9451 x21 M: 240-994-7793

Reply

Sign in to reply online Use email software

Salvatore D'Agostino

8:52 p.m.

Reality of what's out there not what it should be. From: Scott Shorter [mailto:sshorter@electrosoft-inc.com] Sent: Tuesday, December 17, 2013 2:07 PM To: Salvatore D'Agostino Cc: dg-idot@kantarainitiative.org Subject: Re: [DG-IDoT] snmp for security devices Thanks Sal, very helpful presentation. Slide 9 makes me sad, though. MD5 and DES should be extinct. Algorithm flexibility, please! Best, Scott On Tue, Dec 17, 2013 at 1:01 PM, Salvatore D'Agostino wrote: All, I think I may have already sent this to the list. It is what I talked to on the call. There is a presentation with further background on the page. http://www.siaonline.org/Pages/Standards/SNMP-Subcommittee.aspx Happy holidays. Sal Salvatore D'Agostino, CSCIP IDmachines LLC |1264 Beacon Street, #5 | Brookline, MA 02446 | USA http:\\www.idmachines.com http://www.idmachines.com/ | http:\\idmachines.blogspot.com http://idmachines.blogspot.com/ | @idmachines +1 617.201.4809 tel:%2B1%20617.201.4809 ph | +1 617.812.6495 tel:%2B1%20617.812.6495 fax _______________________________________________ DG-IDoT mailing list DG-IDoT@kantarainitiative.org http://kantarainitiative.org/mailman/listinfo/dg-idot -- Scott Shorter, Principal Security Engineer, Electrosoft Services Inc. sshorter@electrosoft-inc.com O: 703-437-9451 x21 M: 240-994-7793

Reply

Sign in to reply online Use email software

Colin Wallis

5 Mar 5 Mar

5:38 p.m.

New subject: New Trade Association for IOT

http://www.im2mc.org/files/Press%20Releases/IMC-MWC%20Release.pdf

Reply

Sign in to reply online Use email software

Ingo Friese

6 Mar 6 Mar

12:23 a.m.

New subject: confcall 7th March

Hi all, Unfortunatly I won't be able to attend our Fridays call. If someone is willing to facilitate the call I can give him the Moderator Code. Thank you in advance! Best Ingo

Am 06.03.2014 um 02:38 schrieb Colin Wallis :

http://www.im2mc.org/files/Press%20Releases/IMC-MWC%20Release.pdf

_______________________________________________ DG-IDoT mailing list DG-IDoT@kantarainitiative.org http://kantarainitiative.org/mailman/listinfo/dg-idot

Reply

Sign in to reply online Use email software

Colin Wallis

10 Mar 10 Mar

4:35 a.m.

New subject: New Work Item proposal from CN on IoT

Folks I think I am able to share this because it has not yet received a project number from ISO (i.e.not yet voted as a project accepted by National Bodies). Enjoy.. :-) Comments welcome. Cheers Colin From: sal@idmachines.com To: sshorter@electrosoft-inc.com Date: Tue, 17 Dec 2013 15:52:15 -0500 CC: dg-idot@kantarainitiative.org Subject: Re: [DG-IDoT] snmp for security devices Reality of what’s out there not what it should be. From: Scott Shorter [mailto:sshorter@electrosoft-inc.com] Sent: Tuesday, December 17, 2013 2:07 PM To: Salvatore D'Agostino Cc: dg-idot@kantarainitiative.org Subject: Re: [DG-IDoT] snmp for security devices Thanks Sal, very helpful presentation. Slide 9 makes me sad, though. MD5 and DES should be extinct. Algorithm flexibility, please! Best, Scott On Tue, Dec 17, 2013 at 1:01 PM, Salvatore D'Agostino wrote: All, I think I may have already sent this to the list. It is what I talked to on the call. There is a presentation with further background on the page. http://www.siaonline.org/Pages/Standards/SNMP-Subcommittee.aspx Happy holidays. Sal Salvatore D'Agostino, CSCIP IDmachines LLC |1264 Beacon Street, #5 | Brookline, MA 02446 | USA http:\\www.idmachines.com | http:\\idmachines.blogspot.com | @idmachines +1 617.201.4809 ph | +1 617.812.6495 fax _______________________________________________ DG-IDoT mailing list DG-IDoT@kantarainitiative.org http://kantarainitiative.org/mailman/listinfo/dg-idot -- Scott Shorter, Principal Security Engineer, Electrosoft Services Inc. sshorter@electrosoft-inc.com O: 703-437-9451 x21 M: 240-994-7793 _______________________________________________ DG-IDoT mailing list DG-IDoT@kantarainitiative.org http://kantarainitiative.org/mailman/listinfo/dg-idot

Reply

Sign in to reply online Use email software

j stollman

4:31 p.m.

New subject: New Work Item proposal from CN on IoT

Colin, Thank you for forwarding this document. To my mind, the proposed model is far too complex and seeks to combine logical, physical and market models that are better segregated into separate layers. In the proposed ISO model, the domain "IoT Systems" appears to be a superset of components such as "Sensors" and "Things'Objects". How can the system and its components be equal domains in an architecture? Similarly, "Markets" appears to be a superset of components "Service Providers" and "Customers." I believe that the proposed model is ill-conceived and lacks much input from diverse sources. I think that the model that our DG has been working on is more likely to provide a useful reference architecture -- though we have focused primarily on the logical layer. If ISO does go forward with this proposal, how do we keep them from accepting this mish-mash? Jeff On Sun, Mar 9, 2014 at 11:35 PM, Colin Wallis wrote:

Folks I think I am able to share this because it has not yet received a project number from ISO (i.e.not yet voted as a project accepted by National Bodies). Enjoy.. :-) Comments welcome. Cheers Colin

------------------------------ From: sal@idmachines.com To: sshorter@electrosoft-inc.com Date: Tue, 17 Dec 2013 15:52:15 -0500 CC: dg-idot@kantarainitiative.org Subject: Re: [DG-IDoT] snmp for security devices

Reality of what's out there not what it should be.

*From:* Scott Shorter [mailto:sshorter@electrosoft-inc.com] *Sent:* Tuesday, December 17, 2013 2:07 PM *To:* Salvatore D'Agostino *Cc:* dg-idot@kantarainitiative.org *Subject:* Re: [DG-IDoT] snmp for security devices

Thanks Sal, very helpful presentation.

Slide 9 makes me sad, though. MD5 and DES should be extinct. Algorithm flexibility, please!

Best,

Scott

On Tue, Dec 17, 2013 at 1:01 PM, Salvatore D'Agostino wrote:

All,

I think I may have already sent this to the list. It is what I talked to on the call. There is a presentation with further background on the page.

http://www.siaonline.org/Pages/Standards/SNMP-Subcommittee.aspx

Happy holidays.

Sal

Salvatore D'Agostino, CSCIP

IDmachines LLC |1264 Beacon Street, #5 | Brookline, MA 02446 | USA

http:\\www.idmachines.com http://www.idmachines.com/ | http:\\idmachines.blogspot.com http://idmachines.blogspot.com/ | @idmachines

+1 617.201.4809 ph | +1 617.812.6495 fax

_______________________________________________ DG-IDoT mailing list DG-IDoT@kantarainitiative.org http://kantarainitiative.org/mailman/listinfo/dg-idot

-- Scott Shorter, Principal Security Engineer, Electrosoft Services Inc.

sshorter@electrosoft-inc.com O: 703-437-9451 x21 M: 240-994-7793

_______________________________________________ DG-IDoT mailing list DG-IDoT@kantarainitiative.org http://kantarainitiative.org/mailman/listinfo/dg-idot

_______________________________________________ DG-IDoT mailing list DG-IDoT@kantarainitiative.org http://kantarainitiative.org/mailman/listinfo/dg-idot

-- Jeff Stollman stollman.j@gmail.com 1 202.683.8699 Truth never triumphs -- its opponents just die out. Science advances one funeral at a time. Max Planck

Reply

Sign in to reply online Use email software

Colin Wallis

11 Mar 11 Mar

1:50 a.m.

New subject: New Work Item proposal from CN on IoT

Thanks Jeff Useful insights. <> Good point. We only have a liaison with Working Group 5 (Security and Privacy). This is targeted at WG7. All we could do is point out the issue to Kantara members, who may wish to take it up with their National Body reps. Maybe the BoT Liaison list has other ideas.. Cheers Colin Date: Mon, 10 Mar 2014 11:31:40 -0500 Subject: Re: [DG-IDoT] New Work Item proposal from CN on IoT From: stollman.j@gmail.com To: colin_wallis@hotmail.com CC: dg-idot@kantarainitiative.org Colin, Thank you for forwarding this document. To my mind, the proposed model is far too complex and seeks to combine logical, physical and market models that are better segregated into separate layers. In the proposed ISO model, the domain "IoT Systems" appears to be a superset of components such as "Sensors" and "Things'Objects". How can the system and its components be equal domains in an architecture? Similarly, "Markets" appears to be a superset of components "Service Providers" and "Customers." I believe that the proposed model is ill-conceived and lacks much input from diverse sources. I think that the model that our DG has been working on is more likely to provide a useful reference architecture -- though we have focused primarily on the logical layer. If ISO does go forward with this proposal, how do we keep them from accepting this mish-mash? Jeff On Sun, Mar 9, 2014 at 11:35 PM, Colin Wallis wrote: Folks I think I am able to share this because it has not yet received a project number from ISO (i.e.not yet voted as a project accepted by National Bodies). Enjoy.. :-) Comments welcome. Cheers Colin <snip>

Reply

Sign in to reply online Use email software

Scott Shorter

20 May 20 May

1:58 p.m.

Hi all, I'm resurrecting this old thread to share a happy update. I just learned about RFC 3414 http://www.ietf.org/rfc/rfc3414.txt and RFC 3826http://www.ietf.org/rfc/rfc3826.txtwhich add support for SHA-1 and AES to SNMPv3. - Scott On Tue, Dec 17, 2013 at 3:52 PM, Salvatore D'Agostino wrote:

Reality of what’s out there not what it should be.

*From:* Scott Shorter [mailto:sshorter@electrosoft-inc.com] *Sent:* Tuesday, December 17, 2013 2:07 PM *To:* Salvatore D'Agostino *Cc:* dg-idot@kantarainitiative.org *Subject:* Re: [DG-IDoT] snmp for security devices

Thanks Sal, very helpful presentation.

Slide 9 makes me sad, though. MD5 and DES should be extinct. Algorithm flexibility, please!

Best,

Scott

On Tue, Dec 17, 2013 at 1:01 PM, Salvatore D'Agostino wrote:

All,

I think I may have already sent this to the list. It is what I talked to on the call. There is a presentation with further background on the page.

http://www.siaonline.org/Pages/Standards/SNMP-Subcommittee.aspx

Happy holidays.

Sal

Salvatore D'Agostino, CSCIP

IDmachines LLC |1264 Beacon Street, #5 | Brookline, MA 02446 | USA

http:\\www.idmachines.com http://www.idmachines.com/ | http:\\idmachines.blogspot.com http://idmachines.blogspot.com/ | @idmachines

+1 617.201.4809 ph | +1 617.812.6495 fax

_______________________________________________ DG-IDoT mailing list DG-IDoT@kantarainitiative.org http://kantarainitiative.org/mailman/listinfo/dg-idot

-- Scott Shorter, Principal Security Engineer, Electrosoft Services Inc.

sshorter@electrosoft-inc.com O: 703-437-9451 x21 M: 240-994-7793

-- Scott Shorter, Principal Security Engineer, Electrosoft Services Inc. sshorter@electrosoft-inc.com O: 703-437-9451 x21 M: 240-994-7793

Reply

Sign in to reply online Use email software

Salvatore D'Agostino

3:43 p.m.

Scott, Yes this has been around for a while. It certainly matters how people use SNMP. Like most things done badly a number of attacks afford. See recent open redirects on Connect. Implementations matter. We are continuing the work referenced below with SNMP around physical security system networked devices. Regards, Sal From: Scott Shorter [mailto:sshorter@electrosoft-inc.com] Sent: Tuesday, May 20, 2014 9:59 AM To: Salvatore D'Agostino Cc: dg-idot@kantarainitiative.org Subject: Re: [DG-IDoT] snmp for security devices Hi all, I'm resurrecting this old thread to share a happy update. I just learned about RFC 3414 http://www.ietf.org/rfc/rfc3414.txt and RFC 3826 http://www.ietf.org/rfc/rfc3826.txt which add support for SHA-1 and AES to SNMPv3. - Scott On Tue, Dec 17, 2013 at 3:52 PM, Salvatore D'Agostino wrote: Reality of what’s out there not what it should be. From: Scott Shorter [mailto:sshorter@electrosoft-inc.com] Sent: Tuesday, December 17, 2013 2:07 PM To: Salvatore D'Agostino Cc: dg-idot@kantarainitiative.org Subject: Re: [DG-IDoT] snmp for security devices Thanks Sal, very helpful presentation. Slide 9 makes me sad, though. MD5 and DES should be extinct. Algorithm flexibility, please! Best, Scott On Tue, Dec 17, 2013 at 1:01 PM, Salvatore D'Agostino wrote: All, I think I may have already sent this to the list. It is what I talked to on the call. There is a presentation with further background on the page. http://www.siaonline.org/Pages/Standards/SNMP-Subcommittee.aspx Happy holidays. Sal Salvatore D'Agostino, CSCIP IDmachines LLC |1264 Beacon Street, #5 | Brookline, MA 02446 | USA http:\\www.idmachines.com http://www.idmachines.com/ | http:\\idmachines.blogspot.com http://idmachines.blogspot.com/ | @idmachines +1 617.201.4809 tel:%2B1%20617.201.4809 ph | +1 617.812.6495 tel:%2B1%20617.812.6495 fax _______________________________________________ DG-IDoT mailing list DG-IDoT@kantarainitiative.org http://kantarainitiative.org/mailman/listinfo/dg-idot -- Scott Shorter, Principal Security Engineer, Electrosoft Services Inc. sshorter@electrosoft-inc.com O: 703-437-9451 x21 tel:703-437-9451%20x21 M: 240-994-7793 -- Scott Shorter, Principal Security Engineer, Electrosoft Services Inc. sshorter@electrosoft-inc.com O: 703-437-9451 x21 M: 240-994-7793

Reply

Sign in to reply online Use email software

3847

Age (days ago)

3926

Last active (days ago)

Download

9 comments

5 participants

tags

participants (5)

Colin Wallis
Ingo Friese
j stollman
Salvatore D'Agostino
Scott Shorter