[167909] in North American Network Operators' Group
Re: NSA able to compromise Cisco, Juniper, Huawei switches
daemon@ATHENA.MIT.EDU (Dobbins, Roland)
Tue Dec 31 14:48:07 2013
From: "Dobbins, Roland" <rdobbins@arbor.net>
To: "nanog@nanog.org list" <nanog@nanog.org>
Date: Tue, 31 Dec 2013 19:44:15 +0000
In-Reply-To: <CAOpC_m55wCpgGQpjnydcWuQ3+7DdCYGEQe-FGaFvXQOa=HvXhQ@mail.gmail.com>
Errors-To: nanog-bounces+nanog.discuss=bloom-picayune.mit.edu@nanog.org
On Jan 1, 2014, at 2:34 AM, Jonathan Greenwood II <gwood83@gmail.com> wrote=
:
> The best response I've seen to all this hype and I completely agree with
> Scott:
>=20
> "Do ya think that you wouldn't also notice a drastic increase in outbound=
traffic to begin with? It's fun to watch all the hype and things like
> that, but to truly sit down and think about what it would actually take t=
o make something like this happen, especially on a sustained and
> "unnoticed" basis, is just asinine.
Hopefully, this drives home the importance of all the various BCPs like iAC=
Ls, isolated jump-off boxes for interactive access, config-file management,=
and network telemetry - including visibility into DCN/OOB traffic.
There are open-source tools out there which can be used for these purposes.=
It doesn't require a lot of capex, mainly opex - i.e., elbow-grease.=20
-----------------------------------------------------------------------
Roland Dobbins <rdobbins@arbor.net> // <http://www.arbornetworks.com>
Luck is the residue of opportunity and design.
-- John Milton
