[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: survey of isp security practices
lOn Tue, 9 Nov 2004, Merike Kaeo wrote:
4. Authentication / Authorization
4.1 Threat Description
4.2 Best Current Practice
4.2.1 Device Access
4.2.3 MAC Address
What do you mean by "Routing" here? The legitimacy of the exchanged
routing update messages?
This is likely a very different approach than device access auth, so
I'm not sure how well it fits here. (Ditto with MAC address).
Actually maybe the whole auth section could be part of section 3? Is
there any other significant auth except for login access? Or are you
referring to how BGP MD5 secrets or various IGP secrets are
maintained? Seems like something under Procedural considerations
instead if so..
5.1 Threat Description
5.2 Best Current Practice
5.2.1 General Inbound Traffic Filters
5.2.2 General Outbound Traffic Filters
5.2.3 Device Access Filters
5.2.4 Route Filters
5.2.5 MAC Address Filters
5.2.6 DoS Mitigation Filtering
5.2.7 SinkHole / Blackhole
How does 4.2 compare to 5.2.3 - 5.2.5? Maybe the titles are not
sufficient to convey what exactly you mean in section 4 ?
Pekka Savola "You each name yourselves king, yet the
Netcore Oy kingdom bleeds."
Systems. Networks. Security. -- George R.R. Martin: A Clash of Kings