Re: Q on external router

From: tqbfat_private
Date: Thu Apr 23 1998 - 13:15:18 PDT

  • Next message: tqbfat_private: "Re: Q on external router"

    > Thus, in my opinion (but have a look at my email address to see
    > that I could be biased ;-) ), the switch can increase the DMZ security
    > if:
    > - it uses static mapping
    > - as you put part of your security in the switch configuration, you
    >   must obviously secure your switch config (OTP, ACL, management via
    >   console only, ...)
    
    What about problems that fault the switch itself? We have seen bugs that
    crash 3Com switches due to poor IP stack implementation; Cisco is aware of
    bugs that affect their Catalyst platforms as well. What assurance do we
    have that switches are implemented with the same attention to security as
    firewalls? 
    
    -----------------------------------------------------------------------------
    Thomas H. Ptacek			     		Secure Networks, Inc.
    -----------------------------------------------------------------------------
    http://www.enteract.com/~tqbf	 "If you're so special, why aren't you dead?"
    



    This archive was generated by hypermail 2b30 : Fri Apr 13 2001 - 12:56:35 PDT