Merit Network
 Can't find what you're looking for? Search the Mail Archives.
  About Merit   Services   Network   Resources & Support   Network Research   News   Events   Home

Discussion Communities: Merit Network Email List Archives
North American Network Operators Group
Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical

RE: Routers vs. PC's for routing - was list problems?

  • From: Deepak Jain
  • Date: Fri May 24 16:35:30 2002 


-----Original Message-----
From: owner-nanog@merit.edu [mailto:owner-nanog@merit.edu]On Behalf Of
David Ulevitch
Sent: Friday, May 24, 2002 2:36 AM
To: Valdis.Kletnieks@vt.edu
Cc: nanog@merit.edu
Subject: Re: Routers vs. PC's for routing - was list problems?


[deleted]

As to being immune to exploits I fail to see how.  An exploit is an exploit
-- it doesn't need to give you a root shell to accomplish a goal of
crashing the packet filter.

I'm more than happy to be proven wrong though, when is there a time when a
pseudo-halted system is "more secure"?

-davidu


----

EXACTLY! Vulnerabilities [especially in socket functions (you still *are*
running a routing protocol right?)] can cause arbitrary code to execute
irrespective of your current run level. Most people would agree that having
to reboot the machine to change/check/edit anything is an unacceptable
scenario. Further, how do you filter an attack in real-time?

Deepak Jain
AiNET


Discussion Communities


About Merit | Services | Network | Resources & Support | Network Research
News | Events | Contact | Site Map | Merit Network Home


Merit Network, Inc.