[71065] in North American Network Operators' Group
Re: SSH on the router - was( IT security people sleep well)
daemon@ATHENA.MIT.EDU (Randy Bush)
Mon Jun 7 18:08:23 2004
From: Randy Bush <randy@psg.com>
Date: Mon, 7 Jun 2004 15:07:47 -0700
To: Alex Bligh <alex@alex.org.uk>
Cc: nanog@merit.edu
Errors-To: owner-nanog-outgoing@merit.edu
> Well the way we did it, all routers were accessible from 2
> (large) POPs, two being in the NOC, and one being elsewhere
well, in my life (pop != noc). but access usually is from noc,
engineering hq, and, if she's lucky, somewhere easy for the
escalation victim of last resort to reach.
whether some of these are data centers, i.e. where customers
may have machines, is irrelevant. though if customers might
gain physical access by breaking only one layer of physical
security, i would not be happy.
randy
