Arguing against using public IP space
Joe Greco
jgreco at ns.sol.net
Mon Nov 14 15:05:01 UTC 2011
> On Nov 14, 2011, at 9:24 AM, Joe Greco wrote:
> > Getting fixated on air-gapping is unrealistically ignoring the other thre=
> ats out there.
>
> I don't think anyone in this thread is 'fixated' on the idea of airgapping;=
No, but it's clear that there are many designers out there who feel this
is the way to go. That's why it's a good idea to cover the ground anyways.
> but it's generally a good idea whenever possible, and as restrictive a com=
> munications policy as is possible is definitely called for, amongst all the=
> other things one ought to be doing.
I think the part people forget about is that last part, "amongst all the
other things one ought to be doing."
> It's also important to note that it's often impossible to *completely* airg=
> ap things, these days, due to various interdependencies, admin requirements=
> (mentioned before), and so forth; perhaps bastioning is a more apt term.
If it didn't turn into a situation where everyone's bastardizing^Wbastioning
your network in insecure ways.
... JG
--
Joe Greco - sol.net Network Services - Milwaukee, WI - http://www.sol.net
"We call it the 'one bite at the apple' rule. Give me one chance [and] then I
won't contact you again." - Direct Marketing Ass'n position on e-mail spam(CNN)
With 24 million small businesses in the US alone, that's way too many apples.
More information about the NANOG
mailing list