In some mail from Alan Brown, sie said: > > On Sun, 13 Feb 2000, Darren Reed wrote: > > > You know if anyone was of a mind to find someone at fault over this, > > I'd start pointing the finger at ISP's who haven't been doing this > > due to "performance reasons". > > To be fair, if you do this on most terminal servers (eg, Cisco 5300, Max > 4000), they will collapse under the load. i.e. poorly designed. > > They've had the ability to do it for > > years and in doing so would seriously reduce the number and possibility > > of "spoofing" attacks. > > See above. Having enough CPU available to handle spoof filtering from > dialups adds a lot to costs and most ISPs simply can't afford to pay > more in order to be able to provide that benefit. :-( Someone should either put a bomb under Cisco's arse and get them to pull their finger out and deliver a cost-effective box which does what's actually required for a `secure internet' or gather up some venture capital and build a new box which provides the requisite security. It would seem that the market is potentially quite large: replacing every Cisco dialup router in existance with a "secure one" with at least the same performance. How many 1000s of units do Cisco claim to have sold ? Darren
This archive was generated by hypermail 2b30 : Fri Apr 13 2001 - 15:34:43 PDT