[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
BGP Experiment
- Subject: BGP Experiment
- From: owen at delong.com (Owen DeLong)
- Date: Wed, 9 Jan 2019 11:37:02 -0800
- In-reply-to: <CAAeewD8r5GKW=7-BzZ-SGXzjziD4OYc6Fu8uhBO6giAaFgwQ1w@mail.gmail.com>
- References: <CADbXrd2QJYi6eWW6KBhaWANk=RhzfoHoypDHjZZHFw+pHw3tnA@mail.gmail.com> <CADbXrd0fBQxihw-RttMfXAASgx6ynPBuLtHcfsN6ja5-Xcfq=g@mail.gmail.com> <[email protected]> <CAB69EHiWeg2GFto4PM=wY7xegHgLzRLcK=K==uTm7cW+dvyGRA@mail.gmail.com> <[email protected]> <CALZ3u+beeGekoW_Gnn0n98fM1ZsEaDnFQAj-qWfM3evLFQnObQ@mail.gmail.com> <[email protected]> <CALZ3u+a4dD28uHFF+YnSRUsi5x__fMgrZ4=ONnToAwq+SqDc2Q@mail.gmail.com> <CAAeewD8r5GKW=7-BzZ-SGXzjziD4OYc6Fu8uhBO6giAaFgwQ1w@mail.gmail.com>
> On Jan 9, 2019, at 10:51 , Saku Ytti <saku at ytti.fi> wrote:
>
> On Wed, 9 Jan 2019 at 20:45, Töma Gavrichenkov <ximaera at gmail.com> wrote:
>
>> Nope, this is a misunderstanding. One has to *check* for advisories at
>> least once or twice a week and only update (and reboot is necessary)
>> if there *is* a vulnerability.
>
> I think this contains some assumptions
>
> 1. discovering security issues in network devices is expensive (and
> thus only those you glean from vendor notices realistically exist)
Not reallyâ?¦ I think the assumption here is that you canâ??t resolve an issue until the vendor publishes the fix. Outside of the open-source routing solutions (and even for most deployments, including those), I would say this is a valid assertion. (Itâ??s more of an assertion than an assumption, IMHO).
> 2. downside of being affected by network device security issue is expensive
This depends on the issue, right?
Owen