Re: survey of isp security practices

[George Jones <eludom@gmail.com>]

On Wed, 17 Nov 2004 13:26:12 -0500, Howard C. Berkowitz
<hcb@gettcomm.com> wrote:

> 
> Would it be fair to say, then, that while the authentication server
> itself is out of scope, denial of service on the connectivity between
> edge routers, router console functions, etc., would be within scope?

yes, to the extent that it can be  phrased in terms of device capabilities.

> In other words, it would be in scope to identify secure protocol
> mechanisms and protection against DoS, but as seen by the core
> network element?

For instance, there's not much you can say/do about a saturated link....if the
upstreams are filling the pipe, the pipe will be full....but you might say
something like "supports features to mitigate syn floods" (that
particularl wording
would need a lot of work, references, etc.).

---George