[74315] in North American Network Operators' Group
Re: FW: The worst abuse e-mail ever, sverige.net
daemon@ATHENA.MIT.EDU (Brian Wallingford)
Tue Sep 21 23:22:18 2004
Date: Tue, 21 Sep 2004 23:17:48 -0400 (EDT)
From: Brian Wallingford <brian@meganet.net>
To: Allan Poindexter <apoindex@aoc.nrao.edu>
Cc: nanog <nanog@merit.edu>
In-Reply-To: <yu9hdpr6uz7.fsf@aoc.nrao.edu>
Errors-To: owner-nanog-outgoing@merit.edu
:Let's put this in perspective. Say a hypothetical sysadmin were to
:disable any and all authentication on his SSH server. And that
:someone then used SSH from your network to run code that sysadmin
:didn't like on that machine. Would you then consider it reasonable if
:the sysadmin proposed:
:
: The only responsible thing to do is filter port 22, smarthost for
: your users, and inform them about using the alternate submission
: port with authenticated SSH in order to work with enterprise SSH
: servers - or IPSec VPNs, for that matter. This is simply the best
: practice, at this point in time.
:
Apples & oranges; thanks for playing, please try again...
