RE: Domain Centric Administration, RE: draft-ietf-v6ops-natpt-to-historic-00.txt

"Hallam-Baker, Phillip" <pbaker@verisign.com> Tue, 03 July 2007 15:38 UTC

Return-path: <ietf-bounces@ietf.org>
Received: from [127.0.0.1] (helo=stiedprmman1.va.neustar.com) by megatron.ietf.org with esmtp (Exim 4.43) id 1I5kS2-0007nR-3G; Tue, 03 Jul 2007 11:38:02 -0400
Received: from [10.91.34.44] (helo=ietf-mx.ietf.org) by megatron.ietf.org with esmtp (Exim 4.43) id 1I5kS1-0007kR-0B for ietf@ietf.org; Tue, 03 Jul 2007 11:38:01 -0400
Received: from colibri.verisign.com ([65.205.251.74]) by ietf-mx.ietf.org with esmtp (Exim 4.43) id 1I5kRL-00072C-TT for ietf@ietf.org; Tue, 03 Jul 2007 11:38:00 -0400
Received: from MOU1WNEXCN02.vcorp.ad.vrsn.com (mailer2.verisign.com [65.205.251.35]) by colibri.verisign.com (8.13.6/8.13.4) with ESMTP id l63FbJPT015724; Tue, 3 Jul 2007 08:37:19 -0700
Received: from MOU1WNEXMB04.vcorp.ad.vrsn.com ([10.25.13.157]) by MOU1WNEXCN02.vcorp.ad.vrsn.com with Microsoft SMTPSVC(6.0.3790.1830); Tue, 3 Jul 2007 08:37:18 -0700
X-MimeOLE: Produced By Microsoft Exchange V6.5
Content-class: urn:content-classes:message
MIME-Version: 1.0
Content-Type: text/plain; charset="iso-8859-1"
Content-Transfer-Encoding: quoted-printable
Date: Tue, 03 Jul 2007 08:37:18 -0700
Message-ID: <198A730C2044DE4A96749D13E167AD37012F6931@MOU1WNEXMB04.vcorp.ad.vrsn.com>
In-Reply-To: <6.2.5.6.2.20070702213352.02cde798@resistor.net>
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
Thread-Topic: Domain Centric Administration, RE: draft-ietf-v6ops-natpt-to-historic-00.txt
Thread-Index: Ace9LxFXGUdeGc6eQQWXqPukGkbXjQAToQjQ
From: "Hallam-Baker, Phillip" <pbaker@verisign.com>
To: SM <sm@resistor.net>, ietf@ietf.org
X-OriginalArrivalTime: 03 Jul 2007 15:37:18.0897 (UTC) FILETIME=[0A46EA10:01C7BD88]
X-Spam-Score: 0.1 (/)
X-Scan-Signature: 0bc60ec82efc80c84b8d02f4b0e4de22
Cc:
Subject: RE: Domain Centric Administration, RE: draft-ietf-v6ops-natpt-to-historic-00.txt
X-BeenThere: ietf@ietf.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: IETF-Discussion <ietf.ietf.org>
List-Unsubscribe: <https://www1.ietf.org/mailman/listinfo/ietf>, <mailto:ietf-request@ietf.org?subject=unsubscribe>
List-Post: <mailto:ietf@ietf.org>
List-Help: <mailto:ietf-request@ietf.org?subject=help>
List-Subscribe: <https://www1.ietf.org/mailman/listinfo/ietf>, <mailto:ietf-request@ietf.org?subject=subscribe>
Errors-To: ietf-bounces@ietf.org

> From: SM [mailto:sm@resistor.net] 

> It offers a false sense of security.  A person running an HTTP 
> server behind a NAT box usually does port redirection to that 
> server.  The threat remains.

Arguments about false senses of security are usually wrong. We are adapted for an environment where sabre-toothed tigers are running around at night. So our tolerance for insecurity is much higher than you might think. A sense of security is created by familiarity, not by analysis.

The point here is not to shut off connectivity, but to shut it off by default. If the user knows they want to run an HTTP server they can set it up accordingly. The nice thing about NAT boxes is that a user who knows nothing about their network can plug one in and the default state is to deny inbound connections.

What that means is that the MySQL server or the embedded SQL Server in their application they didn't even know they had is shut off from external access. I was running an unpatched version of SQL Server when Slammer hit without ill effect. I have boxes that have not been booted for several years. I'll bet that much of the code on those boxes is vulnerable too. I don't patch systems I am not currently using.


Sure you can do much better if you 1) know what you are doing and 2) are prepared to put in the necessary time. Most people don't meet either condition.

_______________________________________________
Ietf mailing list
Ietf@ietf.org
https://www1.ietf.org/mailman/listinfo/ietf
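The policy the message describes, deny all inbound by default and open exactly the one port the user chose to run a server on, written out as an nftables ruleset. This is an added example and not part of the original message; the interface names wan0 and lan0, the LAN subnet 192.168.1.0/24 and the web server address 192.168.1.10 are assumptions for illustration.

```nft
# Default-deny inbound with one explicit port forward.
# Added example, not from the original message. Assumed names:
#   wan0 = upstream interface, lan0 = LAN interface,
#   192.168.1.0/24 = LAN subnet, 192.168.1.10 = host running the HTTP server.
# Load with: nft -f nat-default-deny.nft

flush ruleset

table inet filter {
    chain input {
        # Traffic addressed to the NAT box itself: nothing from wan0 unless
        # it is a reply to something the box or the LAN started.
        type filter hook input priority 0; policy drop;
        iif "lo" accept
        ct state established,related accept
        iifname "lan0" accept
    }

    chain forward {
        # The whole point: nothing is forwarded unless a rule below says so.
        # The weak variant a "just make it work" user ends up with is
        # "policy accept;" here, which exposes every LAN listener, including
        # the MySQL or SQL Server instance nobody knew was running.
        type filter hook forward priority 0; policy drop;

        # Reply traffic for connections the LAN opened outbound
        ct state established,related accept

        # LAN hosts may open new connections to the outside
        iifname "lan0" oifname "wan0" accept

        # The one deliberate exception: inbound TCP/80 that prerouting
        # DNATed to the web server. Nothing else from wan0 reaches the LAN.
        iifname "wan0" oifname "lan0" ip daddr 192.168.1.10 tcp dport 80 ct status dnat accept
    }
}

table ip nat {
    chain prerouting {
        type nat hook prerouting priority -100;
        # Port redirection for the HTTP server the user chose to run
        iifname "wan0" tcp dport 80 dnat to 192.168.1.10:80
    }

    chain postrouting {
        type nat hook postrouting priority 100;
        # Hide LAN addresses behind the box's WAN address
        oifname "wan0" masquerade
    }
}
```

After loading, `nft list ruleset` should show the forward chain with `policy drop` and the single DNAT rule. From a host outside, `nc -zv <wan address> 80` connects and `nc -zv <wan address> 3306` gets nothing, which is the difference between the SQL server being reachable and not. The caveat is the one SM raises: port 80 is exactly as exposed as it would be on a public address, so whatever listens there still has to be patched; the default-deny buys protection only for the services that were never meant to be reachable.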
