bloomberg on supermicro: sky is falling

Scott Weeks surfer at
Wed Oct 10 21:24:44 UTC 2018

--- SNaslund at wrote:
From: "Naslund, Steve" <SNaslund at>

You are free to disagree all you want with the default 
deny-all policy but it is a DoD 5200.28-STD requirement 
and NSA Orange Book TCSEC requirement.  It is baked into 
all approved secure operating systems including SELINUX 
so it is really not open for debate if you have meet 
these requirements.  

I believe you need to specify what type of DoD networks 
you're talking about.  NIPR is not default deny.


More information about the NANOG mailing list