Wireless insecurity at NANOG meetings
William Allen Simpson
wsimpson at greendragon.com
Sun Sep 22 22:46:15 UTC 2002
"John M. Brown" wrote:
>
> On Sun, Sep 22, 2002 at 04:49:08AM -0700, Randy Bush wrote:
> >
> > a prudent user does not ssh _from_ a machine they don't control or
>
> prudent users don't get hacked. non-prudent users hopefully learn
> or darwin happens.
Ahem! I'm usually considered a prudent user (once upon a time, I was
the _only_ person using IPSec at an IETF meeting, having written it myself, and communicating with just about the earliest commercial
implementation by Morningstar). ADmittedly, that was from my own
laptop, and I've never understood why we had public machines.....
However, I've had machines taken over this past summer through the
OpenSSH hole. A couple of years back, I had a router taken over through
a Cisco hole.
You're only as good as your software. And we all rely on each other.
That's worth remembering: the Internet still relies on cooperation,
between the vendors, and between the operators!
Meanwhile, I think Randy and John are both moving in the right direction
and I'm sure we'll all call Merit tomorrow to ask what in the world they
are thinking....
--
William Allen Simpson
Key fingerprint = 17 40 5E 67 15 6F 31 26 DD 0D B9 9B 6A 15 2C 32
More information about the NANOG
mailing list