[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: CPE equipments and stateful filters

To: Fred Baker <fred@cisco.com>
Subject: Re: CPE equipments and stateful filters
From: Jun-ichiro itojun Hagino <itojun@itojun.org>
Date: Wed, 25 Jul 2007 00:46:24 +0900
Cc: v6ops@ops.ietf.org
In-reply-to: fred's message of Tue, 24 Jul 2007 10:34:46 EST. <319C5A3B-939C-48BD-AF65-93E41F09406B@cisco.com>

>> Fred raised concerns about DoS attack, but if you run secure OS you  
>> do not have to worry about that.
>
>Part of this relates to the concept of a "secure OS". I think the  
>security experts in the room will tell you that the only truly secure  
>devices is one in which no electrons are moving. One cannot actually  
>say that "there is no way to successfully attack X"; one can only say  
>that any such exploits are currently unknown for a system at the  
>appropriate patch level and with the right configuration. That said,  
>my observation was not limited to DOS attacks, although those are  
>part of the discussion. My comment had to do with the integrity of  
>networks people provide for themselves, and the view of the network  
>as something to secure in its own right.

	"only 2 remote holes in more than 10 years" is pretty much equal to
	"there is almost no way to attack it".  in fact, the particular
	operating system i'm involved with, OpenBSD, is excluded from
	"attack this box" contests at the security-related conferenes because
	it is practically unattackable.

	enough for the ego boost :-)

>In my view, people in residences and in companies provide for  
>themselves the things they think they need. Not everyone provides the  
>same things, and not everyone views the things they provide the same  
>way. For example, my wife's mother would happily give up her kitchen  
>and eat out; my wife provides a kitchen in our home because she wants  
>to be able to cook for herself.

	i understand the tradeoff.

	in Japan more and more kitchens avoid LPGs and use electric heaters
	due to economic issues (skyscraper apartments) and safety concerns.
	but you can never cook a good Chinese dishes with electric heaters.

>In my home, I provide two wired networks and two wireless ones. One  
>pair is for me (Cisco information security guidelines require my home  
>office to be separate from my home), and the other pair is for my  
>family.
(snip)

	what i've been repeatedly trying to deliver is that, (it is more of
	IAB stuff) access controls at organization borders and/or based on
	address has to stop now.
	if you wish to be sure you are communicating with murai-san you have
	to check his identity using crypto signature.
	to prevent DDoS attacks, your ISP has to react quickly, as protecting
	for DDoS in your home has no protection against your DSL/fiber links
	from being filled up.

	as far as i understand, UPnP has no authentication whatsoever (if
	there is, you would face a bootstrap problem for secret sharing).
	so, once your UPnP-client box gets hijacked, bad guys can open up any
	TCP/UDP ports in your network.  i'd rather have no UPnP on my router.
	UPnP adds more complexity onto the complexity of NAT/firewall, so what
	would you expect? :-)

itojun

Follow-Ups:
- Re: CPE equipments and stateful filters
  - From: Fred Baker <fred@cisco.com>

References:
- Re: CPE equipments and stateful filters
  - From: Fred Baker <fred@cisco.com>

Prev by Date: Re: Distributing site-wide RFC 3484 policy
Next by Date: Re: CPE equipments and stateful filters
Previous by thread: Re: CPE equipments and stateful filters
Next by thread: Re: CPE equipments and stateful filters
Index(es):
- Date
- Thread