Dave:
Regarding this statement in your 6LowPAN tutorial: The most highly sensitive networks use IP internally, but are completely disconnected from all other computers. Best practice recommendation from Command Information to ensure your sensitive system is both physically and logically disconnected from other computers: *Physical separation from outside networks is not a perfect security model as occasional accidental and malicious security breaches can happen when someone 'plugs in the wrong wire' * We also recommend a 'policy-based' model to give you logical separation from the 'I'nternet: -Utilize encryption between all nodes of your systems and IPsec from any gateway to outside application controllers. -Address your network with RFC 4193 Unique Local Addresses (ULAs) -Firewall any gateways to outside, and do actual penetration testing to ensure your gateway has no openings We recommend this for people doing building control, security, & process automation with BACNetIP and 6LowPAN type technologies. David Green VP of Research and Development | Command Information <http://www.commandinformation.com/> 13655 Dulles Technology Drive, Herndon, VA 20171 Office: 703.561.5937 | Mobile: +1-703-899-9663 2610:00F8::/32 <http://www.commandinformation.com/labs/index.php> [EMAIL PROTECTED] <mailto:[EMAIL PROTECTED]> From: David Culler [mailto:[EMAIL PROTECTED] Sent: Wednesday, May 30, 2007 7:24 PM To: [email protected] Subject: [6lowpan] Feedback on 6LoWPAN tutorial I would like to get feedback/corrections on a 6LoWPAN tutorial that I've put together with Jonathan Hui. The pdf is at http://www.archrock.com/downloads/resources/6LoWPAN-tutorial.pdf . Thanks in advance.
_______________________________________________ 6lowpan mailing list [email protected] https://www1.ietf.org/mailman/listinfo/6lowpan
