[prev in list] [next in list] [prev in thread] [next in thread] 

List:       nanog
Subject:    Re: routing between provider edge and CPE routers
From:       "Miquel van Smoorenburg" <miquels () cistron ! nl>
Date:       2003-01-30 20:04:39
[Download RAW message or body]


In article <cistron.7CD4CD9D537C294D9ED9E5CE2F019106B6BC4D@MAILSERV.linc2icn.net>,
Mike Bernico <mbernico@illinois.net> wrote:
>> So, by accepting routes from CPE you create a huge security
>vulnerability
>> for your customers, and other parties.  This practice was understood
>as a
>> very bad network engineering for decades.
>
>Is there someplace I can find tidbits of information like this?  I
>haven't been alive decades so I must have missed that memo.  Other than
>this list I don't know where to find anyone with lots of experience
>working for a service provider.

You could have thought this up yourself. If you put something in
production, /always/ ask yourself: if I was a hacker with bad intentions,
how could I abuse this. And actually try to. I hacked my own network
and machines a couple of times for fun, you learn a lot from it.

Mike.
-- 
Anyone who is capable of getting themselves made President should
on no account be allowed to do the job -- Douglas Adams.
[prev in list] [next in list] [prev in thread] [next in thread]