On Thu, 1 Mar 2001, The Pal / Patrik Bodin wrote:
> As a courtesy to people that end up wanting to talk to the router?
> There are legal occasions where people may want to ping or traceroute.
> If you don't want that you might as well make it transparent.
i don't get it. you can already traceroute through it, and why in the
world would you allow regular joe schmoes from the net to log in, even as
a regular user (not EXEC mode for example) to traceroute or ping? that's
what looking glass routers are for.
if someone who should be managing the router needs remote access, they'd
better, by God, have access to a workstation within the domain of the
router by which they can get to the RFC1918 addressed interface.
as such, i don't see the case you present being valid.
____________________________
jose nazario [EMAIL PROTECTED]
PGP: 89 B0 81 DA 5B FD 7E 00 99 C3 B2 CD 48 A0 07 80
PGP key ID 0xFD37F4E5 (pgp.mit.edu)
-
[To unsubscribe, send mail to [EMAIL PROTECTED] with
"unsubscribe firewalls" in the body of the message.]
