routing between provider edge and CPE routers
Miquel van Smoorenburg
miquels at cistron.nl
Thu Jan 30 20:04:39 UTC 2003
In article <cistron.7CD4CD9D537C294D9ED9E5CE2F019106B6BC4D at MAILSERV.linc2icn.net>,
Mike Bernico <mbernico at illinois.net> wrote:
>> So, by accepting routes from CPE you create a huge security
>vulnerability
>> for your customers, and other parties. This practice was understood
>as a
>> very bad network engineering for decades.
>
>Is there someplace I can find tidbits of information like this? I
>haven't been alive decades so I must have missed that memo. Other than
>this list I don't know where to find anyone with lots of experience
>working for a service provider.
You could have thought this up yourself. If you put something in
production, /always/ ask yourself: if I was a hacker with bad intentions,
how could I abuse this. And actually try to. I hacked my own network
and machines a couple of times for fun, you learn a lot from it.
Mike.
--
Anyone who is capable of getting themselves made President should
on no account be allowed to do the job -- Douglas Adams.
More information about the NANOG
mailing list