Is anyone actually USING IP QoS?

Alex P. Rudnev alex at
Wed Jun 16 19:09:33 UTC 1999

For 99.9% percents of networks, SSH/SLOGIN at the cisco (in conjuction 
with S/KEI or simular if you want extra protection) is enougph for the 
routers. May be, ssh have some security problems, but I hardly imagine 
where they can be important except some bank system when intruder can get 
100,000$ at once in case of success.

On the other hand, for now, 99% or routers over the world are configured 
withouth any security except simple access lists and simple multi-used 
passwords. Just because something though _ssh is not enougph and is not 
nessesary at all_. As usial - you should start from the small steps (ssh) 
and then go to the big ones (IPSEC) if nessesary, not vice versa.

K4, K5 - Kerberos was killed by the USA's goverment, unfortunately... -:) 
No any interest.

> 	K4, maybe.  K5?  Not quite so easily.  Either is not nearly as
> bad as open telnet.  And "has had known security problems" is not the
> same as "has known security problems," and the former does not strenghen
> your argument nearly as much as you seem to think it does.
> 	Perhaps you should follow your own career advice.
> 	--msa

Aleksei Roudnev, Network Operations Center, Relcom, Moscow
(+7 095) 194-19-95 (Network Operations Center Hot Line),(+7 095) 230-41-41, N 13729 (pager)
(+7 095) 196-72-12 (Support), (+7 095) 194-33-28 (Fax)

More information about the NANOG mailing list