Re: Ever onward

[Wes Hardaker <wjhns1@hardakers.net>]

>>>>> On Wed, 04 Feb 2004 01:30:49 -0500, Phil Shafer <phil@juniper.net> said:

Phil> I don't see how does this varies from battling for 'configure
Phil> exclusive' mode in JUNOS or 'enable' mode in IOS.

I can't say whether other architectures I haven't looked at
extensively have similar problems.  They may.

>> 4) If you believe you can beat the race condition that has been
>> discussed, you should note that the attack could also involve a
>> DDoS attack against the management station, network, or router in
>> front of same.

Phil> The attack could also involve a forest fire or other natural
Phil> disaster, moving it into the realm of "unrealistic
Phil> scenario". ;^)

Yeah yeah, or...  a asteroid strike, or an alien invasion.  Huh?  Are
you just trying to move it into a realm of unrealistic?  Um, OK.
Interesting argument.

Phil> Global locks aid in both scenarios.  They are simple to understand.
Phil> They are simple to implement.  Nuff said?

I felt I should offer an explanation.  I'm not going to say any more
either.  When products come out and field this protocol, maybe someone
will write a white paper describing the attack and submit it to
bugtraq and we'll see if it gets used or not.  That's the best way to
determine if its really a problem ;-)

-- 
"In the bathtub of history the truth is harder to hold than the soap,
 and much more difficult to find."  -- Terry Pratchett

--
to unsubscribe send a message to netconf-request@ops.ietf.org with
the word 'unsubscribe' in a single line as the message text body.
archive: <http://ops.ietf.org/lists/netconf/>