nanog mailing list archives
Re: not rewriting next-hop, pointing default, ...
From: Karl Denninger <karl () Mcs Net>
Date: Thu, 11 Sep 1997 18:03:34 -0500
On Thu, Sep 11, 1997 at 03:54:00PM -0800, Randy Bush wrote:
LSR is actually a significant security issue. So, while I do understand and am sympathetic to the operational debugging issues that LSR addresses, I think that requiring a peer to enable LSR more than 2 hops inside their network from the outside world is unreasonable.So, you're comfortable with asking for LSR at the IX and a hop behind?In a world where SSH were available in cisco routers and/or IPsec were more widely deployed, I might have different views.K5 does not give you sufficient warm fuzzies? randy
Get a few connections to your core hardware hijacked and you'll start installing hardwired modems on console ports and shutting off access to the telnet side entirely. That's a SERIOUS pain in the arse. -- -- Karl Denninger (karl () MCS Net)| MCSNet - Serving Chicagoland and Wisconsin http://www.mcs.net/~karl | T1's from $600 monthly to FULL DS-3 Service | NEW! K56Flex modem support is now available Voice: [+1 312 803-MCS1 x219]| 56kbps DIGITAL ISDN DOV on analog lines! Fax: [+1 312 803-4929] | 2 FULL DS-3 Internet links; 400Mbps B/W Internal
Current thread:
- Re: not rewriting next-hop, pointing default, ..., (continued)
- Re: not rewriting next-hop, pointing default, ... Scott Huddle (Sep 11)
- Re: not rewriting next-hop, pointing default, ... Paul A Vixie (Sep 11)
- Re: not rewriting next-hop, pointing default, ... Sean M. Doran (Sep 11)
- Re: not rewriting next-hop, pointing default, ... Scott Huddle (Sep 11)
- Re: not rewriting next-hop, pointing default, ... Randy Bush (Sep 11)
- Re: not rewriting next-hop, pointing default, ... Avi Freedman (Sep 11)
- Re: not rewriting next-hop, pointing default, ... Naiming Shen (Sep 11)
- Re: not rewriting next-hop, pointing default, ... Randy Bush (Sep 11)
- Message not available
- Re: not rewriting next-hop, pointing default, ... Ran Atkinson (Sep 11)
- Re: not rewriting next-hop, pointing default, ... Randy Bush (Sep 11)
- Re: not rewriting next-hop, pointing default, ... Karl Denninger (Sep 11)
- Re: not rewriting next-hop, pointing default, ... Ran Atkinson (Sep 11)
- Re: not rewriting next-hop, pointing default, ... Sean M. Doran (Sep 11)
- Message not available
- Re: LSR and packet filters Ran Atkinson (Sep 12)
- Re: LSR and packet filters Sean M. Doran (Sep 13)
- Re: LSR and packet filters Alex "Mr. Worf" Yuriev (Sep 13)
- Re: LSR and packet filters Sean M. Doran (Sep 14)
- Re: not rewriting next-hop, pointing default, ... Randy Bush (Sep 11)
- Re: not rewriting next-hop, pointing default, ... Scott Huddle (Sep 11)
- Re: not rewriting next-hop, pointing default, ... Alex.Bligh (Sep 12)
- Re: not rewriting next-hop, pointing default, ... Sean M. Doran (Sep 13)
- Message not available
- Re: protecting operational networks Ran Atkinson (Sep 15)
- Re: protecting operational networks Vadim Antonov (Sep 15)