nanog mailing list archives
Re: Is anyone actually USING IP QoS?
From: "Alex P. Rudnev" <alex () Relcom EU net>
Date: Wed, 16 Jun 1999 21:55:40 +0400 (MSD)
They (cisco) promised to realise ssh. Hope we'll see it in a few years, For now, install IPSEC, tunnel, bla-bla-bla, and may be you'll have a piece of security. It's amazing but some hacker's scan erased all our 7206 routers onse (PROM erased withouth any traces of intrusion, and due to accounting it was some kind of scanning, not more). Unix machine... drop all services you don't need, run your services not as the root, install secure level or read-onl.y file system - and no problems. DoS attacks themself are not a problem in case of right resource allocation policy (resource is not only memory but sockets, ports, etc etc).
attacks, and can be running services listening on a port which can potentially be "hacked". my only point is that you are trading a set of security issues in multicast for *different* security issues with a cache.A Unix machine can be secured a lot better than any commercial router. For one, you can get a source code from it and see what the hell it is doing and fix discovered security holes ASAP. Second, just run SSH or Kerberos. SSH on cisco, anyone? Nyah. --vadim
Aleksei Roudnev, Network Operations Center, Relcom, Moscow (+7 095) 194-19-95 (Network Operations Center Hot Line),(+7 095) 230-41-41, N 13729 (pager) (+7 095) 196-72-12 (Support), (+7 095) 194-33-28 (Fax)
Current thread:
- RE: Is anyone actually USING IP QoS?, (continued)
- RE: Is anyone actually USING IP QoS? Jamie Scheinblum (Jun 15)
- Re: Is anyone actually USING IP QoS? hardie (Jun 15)
- RE: Is anyone actually USING IP QoS? Alex P. Rudnev (Jun 16)
- Re: Is anyone actually USING IP QoS? Vadim Antonov (Jun 15)
- Re: Is anyone actually USING IP QoS? Vijay Gill (Jun 15)
- Re: Is anyone actually USING IP QoS? smd (Jun 15)
- RE: Is anyone actually USING IP QoS? Vadim Antonov (Jun 15)
- Re: Is anyone actually USING IP QoS? Brett_Watson (Jun 16)
- Re: Is anyone actually USING IP QoS? Vadim Antonov (Jun 16)
- Re: Is anyone actually USING IP QoS? Dorian Kim (Jun 16)
- Re: Is anyone actually USING IP QoS? Alex P. Rudnev (Jun 16)
- Re: Is anyone actually USING IP QoS? Stephen Sprunk (Jun 16)
- Re: Is anyone actually USING IP QoS? Brett_Watson (Jun 16)
- Re: Is anyone actually USING IP QoS? Majdi Abbas (Jun 16)
- Re: Is anyone actually USING IP QoS? Alex P. Rudnev (Jun 16)
- Re: Is anyone actually USING IP QoS? Majdi Abbas (Jun 16)
- Re: Is anyone actually USING IP QoS? Brett_Watson (Jun 16)
- [unix security] Re: Is anyone actually USING IP QoS? Alex P. Rudnev (Jun 16)
- Re: Is anyone actually USING IP QoS? Vadim Antonov (Jun 16)
- RE: Is anyone actually USING IP QoS? Jamie Scheinblum (Jun 15)