Re: Current network/Internet is so weak...in face of Nimda-likewo rms

Thu, 20 Sep 2001 18:47:20 -0700 

I think the next-generation routes/gateways should take more responsibility.

For example,  routers, or gateways, to the network/Internet is what the policmen to 
the city high-way comunication system.  The policmen should make the highway system 
fluent, and so do to the future routers.  

But the quesiton is how the router know what are 'bad' packets?  


----- Original Message ----- 
From: <[EMAIL PROTECTED]>
To: <[EMAIL PROTECTED]>; <[EMAIL PROTECTED]>
Cc: <[EMAIL PROTECTED]>; <[EMAIL PROTECTED]>; <[EMAIL PROTECTED]>
Sent: Thursday, September 20, 2001 11:08 PM
Subject: RE: Current network/Internet is so weak...in face of Nimda-likewo rms


> Please take this thread off ipng!
> 
> Mat.
> 
> > -----Original Message-----
> > From: Vishwanathan K [mailto:[EMAIL PROTECTED]]
> > Sent: 20 September 2001 16:01
> > To: Greg Maxwell
> > Cc: Wang Hui; Matti Aarnio; [EMAIL PROTECTED]
> > Subject: Re: Current network/Internet is so weak...in face of
> > Nimda-likeworms
> > 
> > 
> > >
> > > > Security policies can also be applied to the hosts within 
> > the network. But ultimately, the gateways
> > > > are responsible for security of its internal network.
> > 
> > obviously 'virus-control' was not being implied here !!
> > I was referring to more of things like packet filtering, 
> > firewalling and IP security policies. which i
> > agree have nothing to do with detecting malicious code.
> > 
> > > Are are obviously from a different universe then the rest 
> > of us. In our
> > > universe we us an incredibly flexible protocol called IP 
> > that is smart
> > > enough to know that policy can only be truly effectively done on the
> > > end-node and thus does it on the end node.
> > >
> > > I don't know how you would expect a router to know that an 
> > application is
> > > requesting a file called README.EML much less that it 
> > contains malicious
> > > code and that IE5 will execute it without it's users 
> > knowledge, except as
> > > an after the fact clean-up measure initated by humans.
> > 
> > 
> 
--------------------------------------------------------------------
IETF IPng Working Group Mailing List
IPng Home Page:                      http://playground.sun.com/ipng
FTP archive:                      ftp://playground.sun.com/pub/ipng
Direct all administrative requests to [EMAIL PROTECTED]
--------------------------------------------------------------------

Reply via email to