RE: More BCP: revenge of RS232 and CLIs

[George Jones <gmj@pobox.com>]

On Wed, 22 Oct 2003, Randy Bush wrote:

> > Why not specify ATLEAST 9600/8/n/1 ?
>
> is 1200 baud less secure?

Randy, you have a way with few words :-)

I did have some question about whether this was a security feature at
all and would welcome comment.  It's also the only place now
where the requirment itself lists a specific technology (all
others leave that for the examples)....so it's a bit of an odball.

That being said, I think having a guarenteed-to-work-everybody-can-do-it
way of accessing the box for managemnt and config during an attack
or to load a new version of code offline IS a security issue
(availability mostly, managability) and I would be hard pressed
to name something current that is more widespread than RS232.

---George