[41970] in North American Network Operators' Group
Re: Lack of Security
daemon@ATHENA.MIT.EDU (Dave Stewart)
Wed Sep 12 22:46:11 2001
Message-Id: <5.1.0.14.2.20010912215946.056f71b0@mail.ntrnet.net>
Date: Wed, 12 Sep 2001 22:07:33 -0400
To: nanog@merit.org
From: Dave Stewart <dbs@ntrnet.net>
In-Reply-To: <20010912214212.B57970@acidpit.org>
Mime-Version: 1.0
Content-Type: text/plain; charset="us-ascii"; format=flowed
Errors-To: owner-nanog-outgoing@merit.edu
At 09:42 PM 9/12/2001, Robert Hough wrote:
>The security we display in most aspects of our society echo the same
>security we display in most of our networks as well.
>
>Now ask yourself, why was it so easy to hijack these planes? Because we
>have sacrificed security for convenience - and our enemy used that
>against us. Well, something to chew on. G'Night.
Can someone explain to me how only allowing ticketed passengers past
security checkpoints is going to accomplish anything toward increased
security? The only thing I can even dream of is that it will reduce the
number of people passing the checkpoints.
These hijackers were ticketed passengers.
No carry-on? OK, so it will reduce hiding places for non-metallic
weapons. On the other hand, so much for taking your laptop with you - are
you willing to entrust your laptop to baggage handlers? Willing to put
your Palm in your checked luggage?
This is just my feeling, but I honestly believe these measures are only
giving the *appearance* of security, apparently to make the general public
feel better.
I do agree, though, with the comments on network security - so many, many
are much more lax about the security of their networks than airports have
been. As an anecdote, when I came to my current job last year, the network
was wide open. Since, I've placed servers behind firewalls, and blocked
things like NetBIOS (you wouldn't believe the cry that went up from
customers when I did that - they *want* to use NetBIOS shares between
business offices in various cities)
