North American Network Operators Group

Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical

Re: Is anyone actually USING IP QoS?

  • From: Brett_Watson
  • Date: Wed Jun 16 14:25:55 1999

On 06/16/99 10:55:40 AM Alex P. Rudnev wrote:

>They (cisco) promised to realise ssh. Hope we'll see it in a few years,
>For now, install IPSEC, tunnel, bla-bla-bla, and may be you'll have a
>piece of security.

cisco *has* released code with ssh (ok, not released in the cisco-sense but
you can get it)

>Unix machine... drop all services you don't need, run your services not
>as the root, install secure level or read-onl.y file system - and no
>problems.

this is just rediculous.  it's not as simple as "no problems".   the things
you state are rather obvious but for a system to be used as *anything*
(cache, web server, video server, etc) you simply have to have certain
ports open, many times simple udp ports.  locking down down services/ports,
and running anything you can as non-root certainly goes a long way in
protecting the system but it's just not that cut and dried.

 i'll give you and vadim full credit for being math wizards, or scientists
(which i clearly am not) but don't choose your next career in the
computer/network security industry.  :)

-brett