RE: How secure should it be? (was RE: password stores?)

[Rowland, Alan D]

Ah, There's the rub. Access has a range from open to closed. The point you
choose along that line directly effects cost and ease of use.

Put another way, Careful what you ask for, you may get it.

Best regards,
_
Alan Rowland

To quote another NANOG poster's sig file that applies to this discussion:
Wrong questions are the leading cause of wrong answers.


-Original Message-
From: Sean Donelan [mailto:[EMAIL PROTECTED]] 
Sent: Wednesday, July 24, 2002 10:19 PM
To: [EMAIL PROTECTED]
Subject: How secure should it be? (was RE: password stores?)


snip...
Should we secure routers better, worse or the same as burglar alarms?

While I agree there are settings which are insecure, its seems like we
haven't figured out the optimum level of security yet.  Which may be less
than what the experts think.

How secure should it be? (was RE: password stores?)

[Sean Donelan]

On Tue, 23 Jul 2002, Shawn Solomon wrote:
 One common solution is a hash based on the cpe site name or some other
 unique key provided by the cpe information (address, ph #, etc).
 Changing the hash occasionally provides new passwords, and it is all
 easily scripted..

Most burglar alarms in the US don't meet UL installation standards for
burglar alarms. Although the box is usually UL listed, and when configured
properly could meet UL installation standards, neither customers nor
alarm companies feel the need.  Other than banks and museums, it seems to
be pretty rare. The most common variance is similar to the statement
above, although not as sophisticated.

Should we secure routers better, worse or the same as burglar alarms?

While I agree there are settings which are insecure, its seems like
we haven't figured out the optimum level of security yet.  Which may be
less than what the experts think.