[149767] in North American Network Operators' Group


home	help	back	first	fref	pref	prev	next	nref	lref	last	post

Re: Common operational misconceptions

daemon@ATHENA.MIT.EDU (Rich Kulawiec)
Wed Feb 15 17:53:40 2012

Date: Wed, 15 Feb 2012 17:52:44 -0500
From: Rich Kulawiec <rsk@gsp.org>
To: nanog@nanog.org
In-Reply-To: <20120215144715.18e65a55@w520.localdomain>
Errors-To: nanog-bounces+nanog.discuss=bloom-picayune.mit.edu@nanog.org

ICMP is evil.
Firewalls can be configured default-permit.
Firewalls can be configured unidirectionally.
Firewalls will solve our security issues.
Antivirus will solve our security issues.
IDS/IPS will solve our security issues.
Audits and checklists will solve our security issues.
Our network will never emit abuse or attacks.
Our users can be trained.
We must do something; this is something; let's do this.
We can add security later.
We're not a target.
We don't need to read our logs.
What logs?

(with apologies to Marcus Ranum, from whom I've shamelessly
cribbed several of these)

---rsk


home	help	back	first	fref	pref	prev	next	nref	lref	last	post

[149767] in North American Network Operators' Group

Re: Common operational misconceptions

daemon@ATHENA.MIT.EDU (Rich Kulawiec)Wed Feb 15 17:53:40 2012

daemon@ATHENA.MIT.EDU (Rich Kulawiec)
Wed Feb 15 17:53:40 2012