DARPA and the network
Jay R. Ashworth
jra at baylink.com
Tue Sep 6 16:30:30 UTC 2005
On Tue, Sep 06, 2005 at 12:04:14PM +0100, Michael.Dillon at btradianz.com wrote:
> > yes, it is. we can further dicuss that in private if you wish; however,
> > claiming OpenBSD is just more vocal about security is just far off
> > reality, and that had to be put in perspective.
>
> The real question is not whether other BSDs or
> other Unices are following OpenBSD's lead. I'd like
> to know how many embedded systems (routers and switches)
> are implementing similar "hardening" techniques.
Well, I sort of gather that the implication was "all the ones that are
embedding OpenBSD". ;-)
> The Internet runs on embedded systems and although many have their
> roots in Unix, they don't seem to have adopted many of the security
> techniques that are used in C2 or CAPP certified systems.
Quite so.
> The details that Henning posted are useful to list members who are
> writing RFPs for new network gear. Even if vendors can't meet these
> requirements today, it is good to let them know that people seriously
> want secure operating systems on their routers and switches.
Ah yes, the most important requirement: informed, vocal users. The
more you spend per year, the better.
Cheers,
-- jra
--
Jay R. Ashworth jra at baylink.com
Designer +-Internetworking------+----------+ RFC 2100
Ashworth & Associates | Best Practices Wiki | | '87 e24
St Petersburg FL USA http://bestpractices.wikicities.com +1 727 647 1274
If you can read this... thank a system administrator. Or two. --me
More information about the NANOG
mailing list