nanog mailing list archives
Re: customers and web servers and level one naps
From: Alexis Rosen <alexis () panix com>
Date: Fri, 13 Sep 1996 04:29:25 -0400 (EDT)
Curtis Villamizar writes:
It is possible though admitedly not easy to secure a Unix machine quite tightly (and still put some services on it allowing it to do some useful work) since the services needed for remote administrative access can be fully encrypted. It is not possible to secure a router from the major router vendors at the present time since administrative access involves telnet access where the open TCP session has full priviledges and remains "in the clear" for long periods of time and ready for hijack.
If (and only if) you're competent to secure a Unix box, this is pretty easy to deal with. Put one on a private wire with the router, connect to it in a secure encrypted fashion (kerb or ssh, these days?), and from there cleartext telnet to the router is fine. Of course, it costs money. But you can get away with one box and one private net for all the routers in one location, assuming all the routers are in the same security zone. /a - - - - - - - - - - - - - - - - -
Current thread:
- major?, (continued)
- major? bmanning (Sep 05)
- Re: customers and web servers and level one naps Stephen Stuart (Sep 05)
- Re: customers and web servers and level one naps Michael Dillon (Sep 05)
- Re: customers and web servers and level one naps Srinivasarao Mulugu (Sep 10)
- Re: customers and web servers and level one naps Michael Dillon (Sep 10)
- Re: customers and web servers and level one naps Srinivasarao Mulugu (Sep 10)
- Re: customers and web servers and level one naps Michael Dillon (Sep 10)
- Re: customers and web servers and level one naps Steve Schnell, Sprint Corporation (Sep 11)
- Re: customers and web servers and level one naps Jim J. Steinhard (Sep 12)
- Re: customers and web servers and level one naps Curtis Villamizar (Sep 12)
- Re: customers and web servers and level one naps Alexis Rosen (Sep 13)
- Re: customers and web servers and level one naps Stephen Stuart (Sep 05)
- Re: customers and web servers and level one naps Paul A Vixie (Sep 05)
- Re: customers and web servers and level one naps Avi Freedman (Sep 05)
- Message not available
- Re: customers and web servers and level one naps Dean Gaudet (Sep 06)
- Re: customers and web servers and level one naps Gordon Cook (Sep 05)