[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
RE: More BCP: revenge of RS232 and CLIs
On Wed, 22 Oct 2003, Randy Bush wrote:
> > Why not specify ATLEAST 9600/8/n/1 ?
>
> is 1200 baud less secure?
Randy, you have a way with few words :-)
I did have some question about whether this was a security feature at
all and would welcome comment. It's also the only place now
where the requirment itself lists a specific technology (all
others leave that for the examples)....so it's a bit of an odball.
That being said, I think having a guarenteed-to-work-everybody-can-do-it
way of accessing the box for managemnt and config during an attack
or to load a new version of code offline IS a security issue
(availability mostly, managability) and I would be hard pressed
to name something current that is more widespread than RS232.
---George