How do you enable an IP interface because you need a unique address for your interfaces? When I say not part of the default configuration I mean the default configuration doesn't even have a space for "put key here." On Tue, 4 Jun 2002, Farhan Memon wrote:
How can u enable auth by default, since you would have to stick in a key somehow, and if that was default then it could be exploited.
rgrds
Faz
-----Original Message----- From: owner-nanog@merit.edu [mailto:owner-nanog@merit.edu]On Behalf Of batz Sent: 04 June 2002 15:20 To: Sean Donelan Cc: Barbara Fraser; nanog@merit.edu Subject: Re: route authentication
On Tue, 4 Jun 2002, Sean Donelan wrote:
:Some ISPs are practically religious about using them, usually the result :of a single person at the ISP pushing it. But for the most part it hasn't :really taken hold in the professional security consulting field.
I would suggest that it is also ISP's who do not hire security consultants. Consulting fees tend to come from departmental budgets, and almost every network engineer I have ever met fancies themselves a security expert. There isn't alot of incentive for them to get a third party opinion, because of a lack of faith in the clue of most consultants, and a general aversion to having anyone touch the delicate house of cards many network engineers have constructed.
Maybe Cisco could add this as a default requirement of the configuration that had to be explicitly disabled? In fact, it would be nice if all protocol configurations had to have their authentication manually disabled.
-- batz