perfSONAR User Q&A and Other Discussion

["Roderick Mooi" <>]

Option #2 will be fine for us as well.

Thanks,

-- 
Senior Engineer: South African National Research Network (SANReN)
Meraka Institute, CSIR


 | +27 12 841 4111 | www.sanren.ac.za


>>> On 2014-07-09 at 21:26, "Preuss, Don (NIH/NLM/NCBI) [E]"
<>
 wrote:
> I'd go with #2 as well.
> 
>   Original Message
> From: Mark Foster
> Sent: Wednesday, July 9, 2014 14:25
> To: 
> 
>  
> Subject: Re: [Systems.network] [perfsonar-user] Re: Cacti/SNMP collection 
> via 
> the perfSONAR toolkit
> 
> 
> Based upon what Brian told me, we were one of the (very few) that said we 
> were actually using it. And our use was more out of (trivial) convenience 
> than need.  While I appreciate the efforts to secure it, and to provide 
> option 1, I'd suggest option 2.
> 
> -- Mark
> NASA Ames Research Center
> 
> On 7/9/2014 11:09 AM, Jason Zurawski wrote:
>> All;
>>
>> Jumping into the wayback machine for this one - earlier this year we did 
>> an 
> informal poll about who is using cacti, and who would be terribly bothered 
> about it disappearing.  At the time there was some support for it 
> remaining, 
> and some that felt it didn't provide a whole lot of value.
>>
>> Given the recent exploits of this product causing increased levels of 
> heartburn for those in the user community, we wanted to raise the issue 
> again 
> and this time offer some possible suggestions on ways forward:
>>
>> Option 1: Remain the same as we operate now.  Cacti is installed, it 
> receives regular patches for when exploits occur, and it is 'locked down' 
> to 
> only allow administrative users on the toolkit access (e.g. the public 
> viewable feature was removed a month ago after the last security 
> vulnerability)
>>
>> Option 2: Remove cacti from the default install (not with the next 
>> release, 
> but something in the near future), and provide a package (via yum) and 
> instructions that would restore it for sites that want to use the tool.
>>
>> Your feedback is valuable as we try to balance the needs of security and 
> functionality.
>>
>> Thanks;
>>
>> -jason
>>
>> On 13 February 2014 05:00, Brian Tierney 
>> <>
>>  wrote:
>>
>>> Hi All:
>>>
>>> We'd like to know if anyone is currently actually using Cacti, which is 
> bundled on the perfSONAR toolkit, for collection of SNMP data.
>>>
>>> We are considering removing this in future releases, and wonder if anyone 
> will notice.
>>>
>>>
>>> --
>>> Brian Tierney, http://www.es.net/tierney 
>>>
>>> Energy Sciences Network (ESnet)
>>>
>>> Berkeley National Lab
> 
> _______________________________________________
> Systems.network mailing list
> 
>  
> http://www.ncbi.nlm.nih.gov/mailman/listinfo/systems.network 
> 
> -- 
> This message is subject to the CSIR's copyright terms and conditions, 
> e-mail 
> legal notice, and implemented Open Document Format (ODF) standard. 
> The full disclaimer details can be found at 
> http://www.csir.co.za/disclaimer.html.
> 
> This message has been scanned for viruses and dangerous content by 
> MailScanner, 
> and is believed to be clean.
> 
> Please consider the environment before printing this email.


-- 
This message is subject to the CSIR's copyright terms and conditions, e-mail 
legal notice, and implemented Open Document Format (ODF) standard. 
The full disclaimer details can be found at 
http://www.csir.co.za/disclaimer.html.

This message has been scanned for viruses and dangerous content by 
MailScanner, 
and is believed to be clean.

Please consider the environment before printing this email.