Ethereal-dev: Re: [Ethereal-dev] Re: [PATCH] SNMP Engine ID dissection

Note: This archive is from the project's previous web site, ethereal.com. This list is no longer active.

Date Index Thread Index Other Months All Mailing Lists
Date Prev Date Next Thread Prev Thread Next
From: Thomas Anders <thomas.anders@xxxxxxxxxxxxx>
Date: Mon, 15 Aug 2005 21:51:55 +0200
Wes Hardaker wrote:

I haven't looked at the code, but I would be cautious and careful.
engineIDs are really arbitrary strings and do have encoding
conventions, but I wouldn't rely heavily on them too much.
Specifically, I'd be *really* careful to avoid assumptions about their
length and whether they were encoded according to the spec or
enterprise number, etc, but I'm betting (hoping) you've done that.
I think I've done that. Otherwise, the code wouldn't have passed review and extensive fuzz testing. 


Essentially they're really not meant to be decoded and not meant to
contain dependable information, even though they look like they
should.  They should, however, be unique per host (and many of the
default encoding mechanisms in the original RFCs don't really deal
with this well).
That's exactly what this code intends to deal with! Once you see what your arbitrary-looking engine ID is built upon, it's much easier to decide how likely it is to be unique within your management domain. How many people will spot the problem with e.g. 0x80001f88017f000001 w/o Ethereal? ;-) 


+Thomas

--
Thomas Anders (thomas.anders at blue-cable.de)