Re: Telnet and FTP to Historic
Keith Moore <moore@network-heretics.com> Thu, 03 December 2020 20:05 UTC
Return-Path: <moore@network-heretics.com>
X-Original-To: ietf@ietfa.amsl.com
Delivered-To: ietf@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 1A3B43A0A96 for <ietf@ietfa.amsl.com>; Thu, 3 Dec 2020 12:05:36 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.918
X-Spam-Level:
X-Spam-Status: No, score=-1.918 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, NICE_REPLY_A=-0.001, RCVD_IN_DNSWL_BLOCKED=0.001, RCVD_IN_MSPIKE_H3=-0.01, RCVD_IN_MSPIKE_WL=-0.01, SPF_NONE=0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=messagingengine.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id uzowDlbn1BxQ for <ietf@ietfa.amsl.com>; Thu, 3 Dec 2020 12:05:34 -0800 (PST)
Received: from wout2-smtp.messagingengine.com (wout2-smtp.messagingengine.com [64.147.123.25]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id C85D03A0B05 for <ietf@ietf.org>; Thu, 3 Dec 2020 12:05:27 -0800 (PST)
Received: from compute3.internal (compute3.nyi.internal [10.202.2.43]) by mailout.west.internal (Postfix) with ESMTP id 1D4CA10BA for <ietf@ietf.org>; Thu, 3 Dec 2020 15:05:27 -0500 (EST)
Received: from mailfrontend2 ([10.202.2.163]) by compute3.internal (MEProxy); Thu, 03 Dec 2020 15:05:27 -0500
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d= messagingengine.com; h=content-transfer-encoding:content-type :date:from:in-reply-to:message-id:mime-version:references :subject:to:x-me-proxy:x-me-proxy:x-me-sender:x-me-sender :x-sasl-enc; s=fm1; bh=JzDL4qUYPEHQa5RuAqMCyPL13F9yaxGZRNCd66xnE fA=; b=ftmsp0xQqs/CTqBJms1trDfTVwA4Toex4YwusVEfTBq+Sd7JyRbMw+hbx mTHyspflJeOjse3cWDj7rq5QSoSa090SRTV0GzkwOO2WSm5w/rcp8wggnSlBgGvT BAOUlkgAnbw7Yn6nMMSetO8hMaHfFXe9+M0FnckyyvY4X609nkXUDsqxICUHVDbl lBYwipBCTG7cw2ughTECslH4Zy3oo/5DYWG49fnZ/2aDlpPQg+PGIFTil5mumI5f MpyrWIhQe85OHragmlaUSxJvq0Adh98e0MPxxWqcf+CmKzSykYjz7tJXXX5AW53G 4HEDfZMO5LkO47PTn5rG8dA5glDWw==
X-ME-Sender: <xms:A0XJX-p99ES6qsPyK_qUtPbxpRSR6_Mzl2Uvmv88HCiwPqKPyrelQQ> <xme:A0XJX8r050w5eQJdS40dbxYy35mKMRoWnWbJt27_csCcDOVLqJ8r2NjOzr5QUJ9kR NlAzBYiIm8j0g>
X-ME-Proxy-Cause: gggruggvucftvghtrhhoucdtuddrgedujedrudeiiedgudefgecutefuodetggdotefrod ftvfcurfhrohhfihhlvgemucfhrghsthforghilhdpqfgfvfdpuffrtefokffrpgfnqfgh necuuegrihhlohhuthemuceftddtnecunecujfgurhepuffvfhfhkffffgggjggtgfesth ejredttdefjeenucfhrhhomhepmfgvihhthhcuofhoohhrvgcuoehmohhorhgvsehnvght fihorhhkqdhhvghrvghtihgtshdrtghomheqnecuggftrfgrthhtvghrnhepkedvgefgle euleekuefhffehgefhhfekuedvudduiefhhedufefftdfgtdekfffgnecukfhppedutdek rddvvddurddukedtrdduheenucevlhhushhtvghrufhiiigvpedtnecurfgrrhgrmhepmh grihhlfhhrohhmpehmohhorhgvsehnvghtfihorhhkqdhhvghrvghtihgtshdrtghomh
X-ME-Proxy: <xmx:A0XJXzMOSfIgZ1QbGL3VioD6aPpdXkgEgPtDqH0gQYcrXPNnozG0tg> <xmx:A0XJX95JxGFCM-9txU1VHHtnnhclmphfXVxMn1ykjHdV0N7Pu0nCTg> <xmx:A0XJX96r3NOn_AIqgE7EgrXT3qZ3YxUHmMMpZZ2UCafGiHL4Smfm5Q> <xmx:BkXJX4L0xkRr0TD9XT83rCLEngCGnjKyzFucTZP_kb3tGO5sDP4jHw>
Received: from [192.168.1.85] (108-221-180-15.lightspeed.knvltn.sbcglobal.net [108.221.180.15]) by mail.messagingengine.com (Postfix) with ESMTPA id 7025A1080064 for <ietf@ietf.org>; Thu, 3 Dec 2020 15:05:23 -0500 (EST)
Subject: Re: Telnet and FTP to Historic
To: ietf@ietf.org
References: <51d208a3-4cae-b69a-6ecc-d15f48c66b44@huitema.net> <06E7EB62-D6C2-4827-A241-8E276860C2B7@strayalpha.com> <6842e463-6fce-42e5-402c-acacabd9905b@huitema.net>
From: Keith Moore <moore@network-heretics.com>
Message-ID: <8cb5f679-ebc5-3107-1708-c4912b9222d4@network-heretics.com>
Date: Thu, 03 Dec 2020 15:05:22 -0500
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:68.0) Gecko/20100101 Thunderbird/68.10.0
MIME-Version: 1.0
In-Reply-To: <6842e463-6fce-42e5-402c-acacabd9905b@huitema.net>
Content-Type: text/plain; charset="utf-8"; format="flowed"
Content-Transfer-Encoding: 7bit
Content-Language: en-US
Archived-At: <https://mailarchive.ietf.org/arch/msg/ietf/E_oaiO4wz-XNUAjk8dfZbuVvbao>
X-BeenThere: ietf@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: IETF-Discussion <ietf.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/ietf>, <mailto:ietf-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/ietf/>
List-Post: <mailto:ietf@ietf.org>
List-Help: <mailto:ietf-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/ietf>, <mailto:ietf-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 03 Dec 2020 20:05:36 -0000
On 12/3/20 1:54 PM, Christian Huitema wrote: > > I understand why you say that. Machines behind a NAT or a stateful > firewall cannot be remotely probed for low level vulnerabilities, so > you do get some reduction of the attack surface. My contention is that > this reduction is far from being sufficient, because attackers have > found many ways to project themselves through NATs or firewalls. If > you allow for unsafe practices because the machines are behind a NAT > or a firewall, these unsafe practices will result in catastrophic > cascades of failures after a single breach happens. +1 For that matter not even "air gapped" networks are really safe. There's almost always some laptop or other that occasionally connects to such networks, and malware can creep in that way.
- Two FTP issues John C Klensin
- Re: Two FTP issues Carsten Bormann
- Re: Two FTP issues John C Klensin
- Re: Two FTP issues Carsten Bormann
- Re: Two FTP issues John C Klensin
- Re: Two FTP issues Carsten Bormann
- Re: Two FTP issues John C Klensin
- Re: Two FTP issues Theodore Y. Ts'o
- Re: Two FTP issues Joseph Touch
- Re: Two FTP issues Salz, Rich
- Re: Two FTP issues Larry Masinter
- Re: Two non-FTP issues John Levine
- Re: Two non-FTP issues Keith Moore
- Re: Two FTP issues John C Klensin
- Telnet and FTP to Historic Phillip Hallam-Baker
- MIME sniffing Keith Moore
- Re: Telnet and FTP to Historic Keith Moore
- Re: MIME sniffing Julian Reschke
- Re: MIME sniffing Keith Moore
- Re: Telnet and FTP to Historic Adam Roach
- Re: Telnet and FTP to Historic Carsten Bormann
- Re: Telnet and FTP to Historic Michael Richardson
- Re: Telnet and FTP to Historic Carsten Bormann
- Re: Telnet and FTP to Historic Phillip Hallam-Baker
- Re: Telnet and FTP to Historic Michael Thomas
- Re: Telnet and FTP to Historic Scott O. Bradner
- Re: Telnet and FTP to Historic John C Klensin
- Re: Telnet and FTP to Historic Scott O. Bradner
- Re: Telnet and FTP to Historic Stephen Farrell
- Re: Telnet and FTP to Historic Mark Andrews
- Re: Telnet and FTP to Historic Stephen Farrell
- Re: Telnet and FTP to Historic Scott Bradner
- Re: Telnet and FTP to Historic Michael Richardson
- Re: Telnet and FTP to Historic Michael Richardson
- Re: Telnet and FTP to Historic Stephen Farrell
- Re: Telnet and FTP to Historic Jared Mauch
- Re: Telnet and FTP to Historic Mark Andrews
- Re: Telnet and FTP to Historic Phillip Hallam-Baker
- Re: Telnet and FTP to Historic John Levine
- Re: Telnet and FTP to Historic John C Klensin
- Re: Telnet and FTP to Historic Theodore Y. Ts'o
- Re: Telnet and FTP to Historic Christian Huitema
- Re: Telnet and FTP to Historic Joe Touch
- Re: Telnet and FTP to Historic Christian Huitema
- Re: Telnet and FTP to Historic Christian de Larrinaga
- Re: Telnet and FTP to Historic Masataka Ohta
- Re: Telnet and FTP to Historic Masataka Ohta
- Re: Telnet and FTP to Historic Dave Cridland
- Re: Telnet and FTP to Historic Nick Hilliard
- Re: Telnet and FTP to Historic Masataka Ohta
- Re: Telnet and FTP to Historic Masataka Ohta
- Re: Telnet and FTP to Historic IETF Sergeant at Arms
- Re: Telnet and FTP to Historic Christian de Larrinaga
- Re: Telnet and FTP to Historic Michael Richardson
- Re: Telnet and FTP to Historic Masataka Ohta
- Re: Telnet and FTP to Historic Masataka Ohta
- Re: Telnet and FTP to Historic Joe Touch
- Re: Telnet and FTP to Historic Keith Moore
- Re: Telnet and FTP to Historic Adam Roach
- Re: Telnet and FTP to Historic Christian Huitema
- Re: Telnet and FTP to Historic Keith Moore
- Re: Telnet and FTP to Historic Phillip Hallam-Baker
- Re: Telnet and FTP to Historic Keith Moore