I've been hearing bits and pieces of this report for a few months. It finally showed up on the web Monday. Network Group - An Examination of the NS/EP Implications of Internet Technologies - June 1999 <http://www.ncs.gov/nstac/NSTACReports.html> Its not as bad as I heard. It is definitely written from the bell-head perspective. If it didn't have the compulsive need to compare the Internet to the switched voice network, it would be a better report. I think the report does make a mistake in assuming the government is the source of all NS/EP information. I suspect if you did a survey of all the three-letter government agencies about how they obtained their information and updated anti-virus programs on their super-secret networks for the Melissa and Explorer.ZIP, most of them downloaded the fixes from the vendor web sites just like the rest of us. If they waited for the Black Helicopter (or FedEx) to deliver their 'secure' media they were vulnerable longer since the last several outbreaks occurred on a Friday afternoon or weekend and the fix showed up the following business day. Ignoring the NS/EP part of the report, the operational issues remain. The report does cover most of the major Internet operational vulnerabilities: - The distributed, informal nature of Internet management - The domain name system (DNS) - Critical Internet control software and systems - Procedural errors I'm sure each of us would define the problems a bit differently, but before we get hung up on what "is" is, does anyone care to address the issues as raised? Although you can't put this into your Cisco config, I think this is about as on-topic as we can get for this list. But I would request you at least read the report before responding. Its about 100 pages, and covers a lot of ground. -- Sean Donelan, Data Research Associates, Inc, St. Louis, MO Affiliation given for identification not representation