[170115] in North American Network Operators' Group
Re: misunderstanding scale
daemon@ATHENA.MIT.EDU (Michael Thomas)
Mon Mar 24 12:32:15 2014
Date: Mon, 24 Mar 2014 09:28:48 -0700
From: Michael Thomas <mike@mtcc.com>
To: nanog@nanog.org
In-Reply-To: <CAP-guGUhOYXDuuwZtYO0YFKfBxto+0+T2w4+KSCQ7L=dzw=MQQ@mail.gmail.com>
Errors-To: nanog-bounces+nanog.discuss=bloom-picayune.mit.edu@nanog.org
On 03/24/2014 09:20 AM, William Herrin wrote:
> On Mon, Mar 24, 2014 at 3:00 AM, Karl Auer <kauer@biplane.com.au> wrote:
>> Addressable is not the same as
>> accessible; routable is not the same as routed.
> Indeed. However, all successful security is about _defense in depth_.
> If it is inaccessible, unrouted, unroutable and unaddressable then you
> have four layers of security. If it is merely inaccessible and
> unrouted you have two.
>
>
A distinction without a difference, IMHO. Either I can send you an
incoming SYN or I can't.
The real battle here, IMHO, is to get the next gen CPE vendors to do the
right thing. NANOG
folks ought to be keeping tabs on the Homenet working group and then
DEMAND that any
CPE support its security, etc, baselines.
Mike
