nanog mailing list archives
Re: IT security people sleep well
From: "Stephen Sprunk" <stephen () sprunk org>
Date: Mon, 7 Jun 2004 20:46:36 -0500
Thus spake "Henning Brauer" <hb-nanog () bsws de>
* Robert Boyle <robert () tellurian com> [2004-06-07 14:08]:I really truly don't see the problem with plaintext telnet management of routers.It is exactly this belief in the security of your networks that gets this industry in so deep shit.
Mostly agreed.
You loose nothing with using ssh instead of telnet. You win a lot.
You lose money and time because you have to license more expensive code, upgrade RAM and flash to handle larger images, have to train your staff how to use SSH, have to test and roll out changes enabling SSH and disabling telnet, have to deal with sub-300-baud interactive performance on older router models, etc. In spite of all that, I do encourage using SSH whenever possible, but believing there is no cost associated with doing so is foolhardy. Depending on the perceived level of threat, one might consider other security projects to be a higher priority. We all have to deal with limited funding and staffing for projects, even for critical functions like security. S Stephen Sprunk "Stupid people surround themselves with smart CCIE #3723 people. Smart people surround themselves with K5SSS smart people who disagree with them." --Aaron Sorkin
Current thread:
- Re: SSH on the router - was( IT security people sleep well), (continued)
- Re: SSH on the router - was( IT security people sleep well) Alex Bligh (Jun 07)
- Re: SSH on the router - was( IT security people sleep well) Randy Bush (Jun 07)
- Re: IT security people sleep well Daniel Senie (Jun 06)
- Re: IT security people sleep well Priscilla Oppenheimer (Jun 07)
- Re: IT security people sleep well Stephen Sprunk (Jun 07)
- Re: IT security people sleep well Robert Boyle (Jun 06)
- Re: IT security people sleep well Henning Brauer (Jun 07)
- Re: IT security people sleep well Robert Boyle (Jun 07)
- Re: IT security people sleep well Henning Brauer (Jun 07)
- Re: IT security people sleep well Stephen Sprunk (Jun 07)
- Re: IT security people sleep well Valdis . Kletnieks (Jun 07)
- Re: IT security people sleep well Henning Brauer (Jun 08)
- RE: IT security people sleep well Dan Hollis (Jun 07)
- Re: IT security people sleep well Valdis . Kletnieks (Jun 07)
- RE: IT security people sleep well Edward B. Dreger (Jun 07)
- Re: IT security people sleep well Adrian Chadd (Jun 07)
- Re: IT security people sleep well Suresh Ramasubramanian (Jun 07)