Re: Windows 2000 and Cicsco router interoperability

["Scott G. Kelly" <skelly@redcreek.com>]

Glen Zorn wrote:

<trimmed...> 

> Henry Spencer wrote:
>
> > Granted, if security isn't important to the customer, their security is
> > likely to be weak.  But careful design by specifiers and suppliers can
> > have a big effect on *how* weak it is, both by avoiding gratuitous holes
> > and by influencing customer behavior in the right direction.  Such
> > measures can considerably improve the odds that a cracker will pick on
> > somebody else.  (Flu vaccination will not guarantee that you don't get the
> > flu, but it considerably improves the odds of getting only a mild case.)
> 
> To continue your medical analogy (though I'm not sure how appropriate it
> is), if flu shots were as painful as rabies treatment, how many people would
> just take their chances w/the flu?  My point here is that the entire purpose
> of xuth/mode config/etc. seems to be to create precisely the functionality
> already present in PPP (and by extension, L2TP).
> 

Actually, I think the entire point of the various user auth proposals
are to create the minimal necessary and sufficient *subset* of the
functionality present in ppp and l2tp in order to enable secure remote
access.

Scott

---

Follow-Ups:

• Re: Windows 2000 and Cicsco router interoperability
• From: Jan Vilhuber <vilhuber@cisco.com>
• Re: Windows 2000 and Cicsco router interoperability
• From: "CHINNA N.R. PELLACURU" <pcn@cisco.com>

References:

• RE: Windows 2000 and Cicsco router interoperability
• From: "Glen Zorn" <gwz@cisco.com>

---

• Prev by Date: RE: L2TP+IPsec and IKE authentication
• Next by Date: RE: L2TP+IPsec and IKE authentication
• Prev by thread: RE: Windows 2000 and Cicsco router interoperability
• Next by thread: Re: Windows 2000 and Cicsco router interoperability
• Index(es):
  • Main
  • Thread