[77056] in North American Network Operators' Group


home	help	back	first	fref	pref	prev	next	nref	lref	last	post

Re: Proper authentication model

daemon@ATHENA.MIT.EDU (Stephen Stuart)
Wed Jan 12 11:08:34 2005

To: Kim Onnel <karim.adel@gmail.com>
Cc: nanog@merit.edu
In-reply-to: Your message of "Wed, 12 Jan 2005 07:57:45 PST."
             <200501121557.j0CFvjdi036909@lo.tech.org> 
Date: Wed, 12 Jan 2005 08:05:57 -0800
From: Stephen Stuart <stuart@tech.org>
Errors-To: owner-nanog-outgoing@merit.edu


> When crafting the ACL that restricts what source IP{,v6} addresses may
> ssh to the router, you may want to include each router's neighbors by
> both their loopback and any interface addresses that might source a
> packet (if your security policy permits it). 

I forgot a phrase: [that might source a packet] headed for another
router.

Stephen


home	help	back	first	fref	pref	prev	next	nref	lref	last	post

[77056] in North American Network Operators' Group

Re: Proper authentication model

daemon@ATHENA.MIT.EDU (Stephen Stuart)Wed Jan 12 11:08:34 2005

daemon@ATHENA.MIT.EDU (Stephen Stuart)
Wed Jan 12 11:08:34 2005