In message <2 .
2 .
32 .
19960611194108 .
00b2d8dc @
intermind .
com>, Jeremy Noetzelman wr
ites:
>
> [...]
>
> Am I the only one who doesnt like the idea of my firewall being managed by
> SNMP? Seems to me to be a step backwards in security. Why not just toss an
> Xserver up there and let everyone use it?
>
Don't worry, you're not alone.
<musing>
There was some lively discussion a few months ago on comp.dcom.sys.cisco
(aka cisco @
spot .
colorado .
edu) regarding what cisco calls "customer-linkable
images" (basically, a way for customers to pick the exact features they
need, link the required object files, and get a custom image, instead of
being stuck with whatever feature sets cisco consider right for us :-).
If done the right way, this could help a lot with securing the firewall
(eg, IP routing, static routes only, no telnet, no SNMP). AFAIK, though,
cisco didn't commit as to whether/when this will come out.
</musing>
Michel Lavondes (lavondes @
tidtest .
total .
fr)
#include <disclaimer.h>
Governments are guilty until proved innocent
|
|
