[24338] in North American Network Operators' Group
Re: Is anyone actually USING IP QoS?
daemon@ATHENA.MIT.EDU (Alex P. Rudnev)
Wed Jun 16 15:24:20 1999
Date: Wed, 16 Jun 1999 23:09:33 +0400 (MSD)
From: "Alex P. Rudnev" <alex@Relcom.EU.net>
To: abbas@cdtelecom.com
Cc: nanog@merit.edu
In-Reply-To: <199906161900.PAA19911@bitbucket.cdtelecom.com>
Errors-To: owner-nanog-outgoing@merit.edu
For 99.9% percents of networks, SSH/SLOGIN at the cisco (in conjuction
with S/KEI or simular if you want extra protection) is enougph for the
routers. May be, ssh have some security problems, but I hardly imagine
where they can be important except some bank system when intruder can get
100,000$ at once in case of success.
On the other hand, for now, 99% or routers over the world are configured
withouth any security except simple access lists and simple multi-used
passwords. Just because something though _ssh is not enougph and is not
nessesary at all_. As usial - you should start from the small steps (ssh)
and then go to the big ones (IPSEC) if nessesary, not vice versa.
K4, K5 - Kerberos was killed by the USA's goverment, unfortunately... -:)
No any interest.
> K4, maybe. K5? Not quite so easily. Either is not nearly as
> bad as open telnet. And "has had known security problems" is not the
> same as "has known security problems," and the former does not strenghen
> your argument nearly as much as you seem to think it does.
>
> Perhaps you should follow your own career advice.
>
> --msa
>
>
Aleksei Roudnev, Network Operations Center, Relcom, Moscow
(+7 095) 194-19-95 (Network Operations Center Hot Line),(+7 095) 230-41-41, N 13729 (pager)
(+7 095) 196-72-12 (Support), (+7 095) 194-33-28 (Fax)
