Home page logo

nanog logo nanog mailing list archives

Re: Is my router owned? How would I know?
From: "Christopher L. Morrow" <christopher.morrow () mci com>
Date: Fri, 13 Jan 2006 03:29:15 +0000 (GMT)

On Thu, 12 Jan 2006, Martin Hannigan wrote:

If we accept the "clue" problem as the solution, I think we
accept the fact that we condone the vendor not having secure
solutions. That may be fine for our new colleague the 'security

vendors should always, or be beatten about the head/shoulders when not,
put out secure products... always.

engineer', but it's not good for the Internet as a whole and it
distracts us from the work of making it work.

how is it better for security engineers? it's hell, every 3rd month a new
'default passwd' often on a 'security' device :( talk about stupid :(

Offering tutorials at NANOG is a great effort towards the
clue issue, but maybe we should offer vendors tutorials on
the inverse?

Some vendors have asked and received this sort of thing, does huwei (which
I butchered the spelling of) want one? (or need one?) how about netgear
and their lovely NTP issue? or checkpoint or ... there are quite a few
vendors out there, some even attend NANOG. If they listened to their
customers I suspect they'd hear: "I want a secure platform!" quite loudly.

  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]