Re: Telnet and FTP to Historic

Keith Moore <moore@network-heretics.com> Thu, 03 December 2020 20:05 UTC

Subject: Re: Telnet and FTP to Historic
To: ietf@ietf.org
References: <51d208a3-4cae-b69a-6ecc-d15f48c66b44@huitema.net> <06E7EB62-D6C2-4827-A241-8E276860C2B7@strayalpha.com> <6842e463-6fce-42e5-402c-acacabd9905b@huitema.net>
From: Keith Moore <moore@network-heretics.com>
Message-ID: <8cb5f679-ebc5-3107-1708-c4912b9222d4@network-heretics.com>
Date: Thu, 03 Dec 2020 15:05:22 -0500
In-Reply-To: <6842e463-6fce-42e5-402c-acacabd9905b@huitema.net>
Archived-At: <https://mailarchive.ietf.org/arch/msg/ietf/E_oaiO4wz-XNUAjk8dfZbuVvbao>
List-Id: IETF-Discussion <ietf.ietf.org>

On 12/3/20 1:54 PM, Christian Huitema wrote:

>
> I understand why you say that. Machines behind a NAT or a stateful 
> firewall cannot be remotely probed for low level vulnerabilities, so 
> you do get some reduction of the attack surface. My contention is that 
> this reduction is far from being sufficient, because attackers have 
> found many ways to project themselves through NATs or firewalls. If 
> you allow for unsafe practices because the machines are behind a NAT 
> or a firewall, these unsafe practices will result in catastrophic 
> cascades of failures after a single breach happens. 

+1

For that matter not even "air gapped" networks are really safe. There's 
almost always some laptop or other that occasionally connects to such 
networks, and malware can creep in that way.