New Zealand ADSL Mailing List


RE: Your Jetstream/ADSL connection is NOT secure

From: rob.edkins_at_axon.co.nz
Date: Fri, 21 Jun 2002 08:32:24 +1200
Message-ID: <42CCA0F98530D111A77900805F0D52B303CEFCD2@ax-akl-exchange.axon.co.nz>

That seems unduly harsh?

OpenBSD ship a pretty secure operating system, but people can still
misconfigure it horrendously.

Is that their fault?

I've no argument that Technical writers could do a better job sometimes
(maybe it just loses in the translation occaisionally :-) ) , and there are
some pretty good configuration wizards around, but I think it would be a big
ask for a manufacturer to anticipate every conceivable configuration option
that a user could choose and the cumulative security implications.

I personally WANT a router to be flexible and configurable.

Buying a Cisco IOS router implies a level of acceptance that it is a complex
beastie and that a degree of knowledge is required to configure it
correctly.

Perhaps the Vendor, rather than the manufacturer should be proactive in
making sure a customer gets appropriately informed about the issues and
potential pitfalls. Then at least the customer has an informed base to make
a decision about whether to seek additional expert help.

As to mister Burns and his helpful activities...ethics of unsolicited port
scans aside, I'd be more convinced of his altruism if the email didn't sound
so much like spam.

Posting details of the vulnerability to the relevant list(s) and inviting
people to contact him if they wanted his help might have been a better
approach.

Rob

> I see it has the Manufacturers fault for not providing good
> enough setup
> instructions for their routers (and its not Just Dynalink) to
> make them
> secure for the layman (not many people read the entire manual
> of there DSL
> Router). 

-- 
The information contained in this e-mail message is intended only for the use of the person or entity to whom it is addressed and may contain information that is CONFIDENTIAL and may be exempt from disclosure under applicable laws. 
If you read this message and are not the addressee you are notified that use, dissemination, distribution, or reproduction of this message is prohibited. If you have received this message in error, please notify us immediately and delete the original message. You should scan this message and any attached files for viruses. 
Axon Computertime accepts no liability for any loss caused either directly or indirectly by a virus arising from the use of this message or any attached file.
-- 
This message is part of the NZ ADSL mailing list. 
see http://unixathome.org/adsl/ for archives, FAQ, 
and various documents. 
To unsubscribe: send mail to majordomo@lists.unixathome.org 
with "unsubscribe adsl" in the body of the message
Received on Fri Jun 21 08:32:47 2002

This archive was generated by hypermail 2.2.0 : Thu Nov 30 11:48:23 2006 EST