Re: Cisco crapaganda

[Chris Gilbert <Chris () LainOS org>]

Given the term "Crapaganda" I couldn't help but share this when I ran
across it today:

http://www.cisco.com/edu/peterpacket

Enjoy :)

Also,

> Of course, in the end, Juniper is also vulnerable. ... Now I
> believe that Open Source software techniques can solve this root
> problem because many eyes can find more bugs. This doesn't just
> mean *BSD and Linux. There are also systems like OSKit
> http://www.cs.utah.edu/flux/oskit/ and RTAI http://www.rtai.org/
> that are more appropriate for building things like routers.

But in some ways, aren't those Open Source software techniques also
assisting Juniper, as JunOS is based in no small part on FreeBSD?

Perhaps their hybrid of Open-Source adoption and proprietary
development will take the benefits from both worlds and prove an
effective method for maintaining a high level of software security.

Also, what about DoD Orange Book certification? Can this kind of
testing methodology be applied to routing systems as well, such as IOS?

In recent years Microsoft has been releasing code for internal
security audits to special customers such as large corporate partners
and government.

I wonder if infrastructure customers should, or could be getting
similar treatment from Cisco in regards to IOS, for them to better
protect their customers. (Government would apply here too.)

--
Regards,
Chris Gilbert
IO Interactive A/S