Recently, Ascend introduced support for "numbered" interfaces. From the
release notes:
--snip------------------------------------
The Pipeline will accept IP packets whose destination is a numbered
interface listed in a Connection profile, considering them to be destined
for the Pipeline itself. (The packet may actually arrive over any
interface, and the numbered interface corresponding to the packet's
destination address need not be in the active state.)
--snip------------------------------------
Interesting that it will accept packets over *any* interface, destined
for that _or_any_other_ interface.
Any thoughts regarding if this is a security risk?
Ob firewalls: using static filtering or Ascend's firewalling (ie
Morningstar dynamic filtering) this should be controllable. Any
remaining security risks?
-----------------------------------------------------------------
Neale Banks Ph: +61 3 9205 0333
Senior Consultant Fx: +61 3 9819 0533
Integration Design P/L neale @
idesign .
com .
au
Planet Internet neale @
planet .
net .
au
** Internet Consulting Services ** Video Conferencing Systems **
** Network Management * Cable Management ** Help Desk Software **
** Communications Consulting ** Electronic Paging & Faxing S/W **
-----------------------------------------------------------------
|
|
