Cisco, Anti-virus Vendors Team on Network Security

Sean Donelan sean at donelan.com
Tue Nov 18 20:48:18 UTC 2003


On Tue, 18 Nov 2003 Valdis.Kletnieks at vt.edu wrote:
> > Without the secret handshake Mac OS, Linux, Solaris and other operating
> > systems will not be able to connect to a Cisco Self-Defending Network
> > which limits its usefullness for ISPs.
>
> A *nix without a secret handshake is like a fish without a bicycle.
>
> Yes, viruses *are* theoretically possible on these platforms, but let's
> be honest here - even if you included all of the platforms, you'd only
> intercept another 1% or so viruses, tops.

Well, if you let systems on the network without the secret handshake,
what's to stop people from connecting Windows boxes with the "security"
software disabled so it doesn't answer the "I'm Infected" question?  Or
the next virus can take over the Cisco secret handshake port and always
answer "I'm Ok" when ever the network asks it a question.

How does the Self-Protecting Network tell the difference between a
non-infected Mac or Unix machine from a Typhod Mary Windows bo if you are
depending on software on the system to answer the question?

Yes, some level of security works when every obeys the rules.  But the
current problem ISPs have is not everyone obeys the rules.






More information about the NANOG mailing list