Re: RE : [midcom] More on new work item

Joel Tran <joel.tran@USherbrooke.ca> Fri, 30 April 2004 15:20 UTC

Message-ID: <1083335900.409264dc864e3@www.usherbrooke.ca>
Date: Fri, 30 Apr 2004 10:38:20 -0400
From: Joel Tran <joel.tran@USherbrooke.ca>
To: Jonathan Rosenberg <jdrosen@dynamicsoft.com>
Cc: 'Melinda Shore' <mshore@cisco.com>, midcom@ietf.org
Subject: Re: RE : [midcom] More on new work item
References: <000601c42dfb$648eae10$b248d284@kamel> <40917970.4050604@dynamicsoft.com>
In-Reply-To: <40917970.4050604@dynamicsoft.com>

Quoting Jonathan Rosenberg <jdrosen@dynamicsoft.com>:

> 
> 
> Joel Tran wrote:
> 
> > Jonathan Rosenberg, you raised a good point.
> > 
> > There are however some ISPs that are deploying NAT/Firewall (i.e. China,
> > Europe, Africa). In such case, DHCP might be useful. The ISP might do some
> > load balancing. Thus, DHCP method will provide a means for the ISP to
> > configure dynamically third-end party devices. As for the security
> > information, this might be entered by the user to the third-end party device
> > (ex: same id/password as for the ADSL authentication).
> 
> There is a serious trust issue here. Is the ISP really going to issue a
> username and password to every user of their network, entrusting them
> with permissions to use midcom to manage port bindings on their network
> wide NAT?? I certainly hope not. That's an open invitation for
> substantial denial of service attacks.
> 
> -Jonathan R.

Correct me if I'm wrong. I don't think it is an open invitation for a DoS attack
if there is a proper Access Control List/Policy Rule in the Midcom device which
may limit the use of the port bindings for each user.

...J
