nanog mailing list archives

Re: SSH on the router - was( IT security people sleep well)


From: Randy Bush <randy () psg com>
Date: Mon, 7 Jun 2004 11:10:16 -0700


> Once you open the router to SSH from arbitrary locations on
> the Internet

i don't think anyone (sane) was suggesting that.  but my
competitors are encouraged to do so.

> It makes more sense to funnel everything through secure gateways and
> then use SSH as a second level of security to allow staff to connect
> to the secure gateways from the Internet. Of course these secure
> gateways are more than just security proxies; they can also contain
> diagnostic tools, auditing functions, scripting capability,
> etc.

and all the other things single points of failure need.  like
pixie dust, chicken entrails, ...

randy

