Randy Bush <[EMAIL PROTECTED]> writes: >>> Again, I think bogon filters are a bad idea for unmanaged or >>> semi-managed routers (or inclusion as a "default" in anything, >>> i.e. Cisco's auto-secure). >> >> You make a very good point about the difference between routers that >> are being routinely maintained by highly clueful people and routers >> that are in the field and untouched/unloved for months to years at a >> time. > > in the field != untouched/unloved
That's why I used the conjunction "and". > i contend that all one's routers should be rigorously configured as > programmatically as possible. Not sure what you mean by this, but the painful reality is that most stuff, once deployed, gets promptly forgotten about, much the same as you might ignore a wall wart power supply under your desk until it started smelling funny or stopped delivering electricity. Thus, I contend that one's routers should be configured to avoid ticking time bombs. As smb so eloquently just asserted, "availability is a security issue too". -r