Network security on multiple levels (was Re: NYT covers China cyberthreat)
Jack Bates
jbates at brightok.net
Wed Feb 20 20:20:45 UTC 2013
On 2/20/2013 1:05 PM, Jon Lewis wrote:
>
> See thread: nanog impossible circuit
>
> Even your leased lines can have packets copied off or injected into
> them, apparently so easily it can be done by accident.
>
This is especially true with pseudo-wire and mpls. Most of my equipment
can filter based mirror to alternative mpls circuits where I can drop
packets into my analyzers. If I misconfigure, those packets could easily
find themselves back on public networks.
Jack
More information about the NANOG
mailing list