nanog mailing list archives

Re: IT security people sleep well


From: Mike Lewinski <mike () rockynet com>
Date: Thu, 03 Jun 2004 13:32:45 -0600


Crist Clark wrote:


Anyone from the real world knows that there are real and significant
costs to convert an existing infrastructure with telnet, the
r-protocols, ftp, and all of their unencrypted, unauthenticated friends
to SSH and SSL secured connections. Yeah, maybe the software licencing
costs are little to nothing, but the administrative overhead of
converting all of your other scripts and software, plus lots and LOTS
of retraining of admin and users can be very expensive or simply
infeasible.

NTM all that legacy hardware for which the vendor simply never released an SSH-capable version. And lots of deployed CPE which lacks sufficient flash space to load an SSH-capable version where one was released.

I can think of a hundred cases where there's a definite measurable hardware upgrade cost associated with enabling SSH and the like.

Internally, our policy is to establish telnet connections from the closest upstream point possible, in most cases, the other side of a serial interface where our biggest possible cleartext exposure is gremlins at the CO.

