NSA's recommendation for classful routing (was Re: IP address fee??)

Sean Donelan sean at donelan.com
Fri Sep 6 23:27:11 UTC 2002


Not that it will save more people the trouble of sending me more messages, but
yes I'm aware the NSA guide states:

   "The goal for this guide is a simple one: improve the security provided
   by routers on US Department of Defense (DoD) operational networks."

Inside the DoD, they may want to only use classful routing. The
recommendation may be valid for that environment.

Unfortunately, some security firms and organizations have taken the NSA
guide as a rulebook.  I've seen a lot of security checklists copied
directly from the NSA Router Security and Configuration Guide. Even worse,
I've seen very expensive security vulnerability reports recommending
clients change their routers based on the NSA guide, such as turning off
ip classless.

If you are building a network outside of the DoD, some of the NSA
recommendations should *NOT* be followed.



