Greg Ketell wrote:
>
> At 10:58 PM 2/1/2001 +0100, Arnd Vehling wrote:
> >I got this choice with every other product i buy, why doesnt juniper
> >offer me this choice?
>
> You can load something onto "the other company's" routers?
No, i have the choice to tamper with the product and loose
the warranty if i want to.
I use only cisco and juniper at the moment so no, "i cant to this
with the other routers".
But there are other router products where i am able to upload software
and on my ciscos (>=7500) is a ssh1 pre-installed.
> The difference is that if you load something onto your PC and it causes the
> PC to crash (in the M$ case: over and over and over), so what!
I hope that a juniper-box is a little bit more stable than an M$ Box
and theres prove out there that the recent SSH releases are _extremely_
stable on all other platforms. I would assume that this is the fact
with a j-box too.
[..]
> Is this a worthwhile risk for "less" rather than "more", or "tcsh" rather
> than "csh"?
no, but a SSH _is_ worth the risk. With telnet i risk beeing sniffed
or hijacked (somewhat unlikely) and face the same risk. In case
of somebody sniffing my login data i not only risk the stability
of my network but that of other networks too. Imagine somebody
tampering with my BGP setup ot using a CIX Backbone router for
DDOS Attacks. Thats worse than a backbone router going down.
> Juniper's answer to this question is "no".
That became somewhat clear in your first mail already :)
> The reality is that at the moment we can't stop you. (Pay particular
> attention to the "at the moment".)
ok, i move fast :)
> But, if your router has problems after
> you do something like this your best bet is to reload JUNOS and keep it
> pristine.
u bet i do.
Arnd
--NetHead Network Design and Security Arnd Vehling av@nethead.De Gummersbacherstr. 27 Phone: +49 221 8809210 50679 Köln Fax : +49 221 8809212
This archive was generated by hypermail 2b29 : Mon Aug 05 2002 - 10:42:40 EDT