North American Network Operators Group|
Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical
Re: Bellovin sez...
Forgive my directness, but there was no _new_ data at all in what the referenced URL quoted Steve/Matt as saying. Much of this goes (in the public literature) at least back to Steve's paper in ACM CCR in the late 80s. Others of it has been documented elsewhere in the public literature since then. Also note that clever operators _are_ taking steps like: - pushing vendors towards SNMPv3 with real security - deploying OSPF MD5 authentication/RIP MD5 authentication - deploying the TCP MD5 option to protect BGP sessions - using route servers - deploying Kerberos/SSH/IPsec to secure login connections to servers & disallowing unprotected connections - deploying IETF OTP or Bellcore S/Key on routers - ... Ran [email protected]