RE: TCP time_wait and port exhaustion for servers

2012-12-05 Thread Terry Baranski
On Wed, 5 Dec 2012, Ray Soucy wrote:
> My question is basically, "how low can you go?"
>
> There seems to be consensus around 20 seconds being safe,
> 15 being a 99% OK, and 10 or less being problematic.

I'm trying to imagine how even 10 could be problematic nowadays. Have you found people repo
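Worked example, added here and not part of Ray's or Terry's messages: the arithmetic behind "how low can you go" is the ephemeral-port budget divided by the TIME_WAIT length, because every connection the client closes toward the same peer parks one local port for that long. The Python below computes the sustainable connection rate per peer for the 60/20/15/10-second values in the thread, the inverse (longest TIME_WAIT a given rate can afford), and counts TIME-WAIT sockets per peer from `ss -tan` output. The `ss` sample is constructed, the 32768-60999 range is the Linux default net.ipv4.ip_local_port_range, and the function names are mine.

```python
"""Ephemeral-port budget vs. TIME_WAIT length.

Added example for the TIME_WAIT thread; it is not code from the original post.
The `ss -tan` sample below is constructed, not captured from a real host, and
32768-60999 is the Linux default for net.ipv4.ip_local_port_range.
"""
from collections import Counter

LINUX_DEFAULT_RANGE = (32768, 60999)   # net.ipv4.ip_local_port_range default
LINUX_TIME_WAIT_SEC = 60               # TCP_TIMEWAIT_LEN: compile-time constant

# Constructed sample in the column layout of iproute2's `ss -tan`.
SAMPLE_SS = """\
State     Recv-Q Send-Q Local Address:Port  Peer Address:Port
TIME-WAIT 0      0      10.0.0.5:41022      10.0.1.20:443
TIME-WAIT 0      0      10.0.0.5:41023      10.0.1.20:443
TIME-WAIT 0      0      10.0.0.5:41024      10.0.1.21:443
ESTAB     0      0      10.0.0.5:41025      10.0.1.20:443
TIME-WAIT 0      0      10.0.0.5:41026      10.0.1.20:443
TIME-WAIT 0      0      [::1]:41027         [::1]:8080
"""


def port_budget(port_range=LINUX_DEFAULT_RANGE):
    """Number of ports the kernel can auto-assign to outbound sockets."""
    lo, hi = port_range
    return hi - lo + 1


def max_connect_rate(time_wait_sec, port_range=LINUX_DEFAULT_RANGE):
    """Highest sustained new-connections/s to ONE peer ip:port before every
    local port is parked in TIME_WAIT (Little's law: in_system = rate * T)."""
    return port_budget(port_range) / time_wait_sec


def longest_safe_time_wait(connect_rate, port_range=LINUX_DEFAULT_RANGE):
    """Inverse: the longest TIME_WAIT a client at `connect_rate` conn/s affords."""
    return port_budget(port_range) / connect_rate


def time_wait_per_peer(ss_output):
    """Count TIME-WAIT sockets per (local IP, peer ip:port) from `ss -tan` text.

    The budget is consumed per destination: an auto-bound local port only has
    to be unique within the full 4-tuple, so the same local port can be reused
    toward a different peer.  Bracketed IPv6 addresses are handled by
    splitting on the last ':'.
    """
    counts = Counter()
    for line in ss_output.splitlines()[1:]:          # skip the header row
        fields = line.split()
        if len(fields) < 5 or fields[0] != "TIME-WAIT":
            continue
        local_ip, _port = fields[3].rsplit(":", 1)
        counts[(local_ip, fields[4])] += 1
    return dict(counts)


def headroom(ss_output, port_range=LINUX_DEFAULT_RANGE):
    """Ports still free toward each peer that currently has TIME-WAIT sockets."""
    budget = port_budget(port_range)
    return {peer: budget - n for peer, n in time_wait_per_peer(ss_output).items()}


if __name__ == "__main__":
    print(f"ephemeral budget: {port_budget()} ports")
    for tw in (LINUX_TIME_WAIT_SEC, 20, 15, 10):     # values discussed in the thread
        print(f"TIME_WAIT {tw:2d}s -> max {max_connect_rate(tw):7.1f} conn/s per peer")
    print(f"at 2000 conn/s you can afford {longest_safe_time_wait(2000):.1f}s of TIME_WAIT")
    for (local_ip, peer), free in headroom(SAMPLE_SS).items():
        print(f"{local_ip} -> {peer}: {free} ports free")
```

Caveat for Linux readers: the 60-second TIME_WAIT is TCP_TIMEWAIT_LEN, a compile-time constant; net.ipv4.tcp_fin_timeout does not shorten it (it governs orphaned FIN_WAIT_2 sockets). The practical levers are a wider ip_local_port_range, net.ipv4.tcp_tw_reuse for outgoing connections, or spreading connections over more source addresses, each of which raises the budget rather than shrinking T.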

RE: Switch designed for mirroring tap ports

2012-03-01 Thread Terry Baranski
On Mar 1, 2012, at 02:13 AM, apishd...@gmail.com wrote:
> Hello All,
>
> We are looking for a switch or a device that we can use for mirroring
> tap ports. For example, take a mirror port off of a core router say
> a 6509, connect it to a port on said device, say port 1. I would like
> then t

RE: job screening question

2012-07-05 Thread Terry Baranski
On Thu, Jul 5, 2012 at 1:42 PM, William Herrin wrote:
> No, path MTU discovery is the answer I'm fishing for.

The "TCP specifically" part of the question confused the heck out of me. PMTUD is an IP function in every way as far as I'm concerned. (If you're saying that the way it's actually coded m

RE: Checkpoint IPS

2015-02-05 Thread Terry Baranski
On 5 Feb 2015, at 01:56, Michael Hallgren wrote:
> On 04/02/2015 17:19, Roland Dobbins wrote:
>>
>> Real life limitations?
>> https://app.box.com/s/a3oqqlgwe15j8svojvzl
>
> Right ;-) Among many other nice ones, I like:
>
> `` ‘IPS’ devices require artificially-engineered topological symmetry-
>

RE: Checkpoint IPS

2015-02-05 Thread Terry Baranski
On 5 Feb 2015, at 08:13, Michael Hallgren wrote:
>
> Sure they will give you pretty graphs of script-kiddie attempts but
> that's just the noise in which the skilled attack will get lost.

Sorry but this is not even in the neighborhood of what a properly-implemented IPS does. I can certainly see

Re: Checkpoint IPS

2015-02-05 Thread Terry Baranski
On Thu, Feb 5, 2015 at 8:34 AM, Roland Dobbins wrote:
> I've never heard a plausible anecdote, much less seen meaningful statistics,
> of these devices actually 'preventing' anything.

People tend to hear what they want to hear. Surely your claim can't be that an IPS has never, in the history of

Re: Checkpoint IPS

2015-02-05 Thread Terry Baranski
eploy IPS's in such a way that they don't make your network less secure via DDoS susceptibility, or reduce availability due to non-existent or subpar redundancy/survivability engineering, then you shouldn't deploy IPS's.

-Terry

On Thu, Feb 5, 2015 at 11:46 AM, wrote:
> On Thu,

Re: Checkpoint IPS

2015-02-05 Thread Terry Baranski
On 6 Feb 2015, at 1:40pm, Roland Dobbins wrote:
> *Real* security mostly consists of *doing things*. It requires skilled, experienced
> people who have both broad and deep expertise across the entire OSI model, are
> well-versed in architecture and the operational arts, and who understand all the

RE: Checkpoint IPS

2015-02-05 Thread Terry Baranski
On 6 Feb 2015, at 3:01, Roland Dobbins wrote:
> Which highlights the importance of broadness of experience, of
> knowledge and understanding of the experiences of others, and
> understanding of the implications of scale.

It highlights the importance of knowing what you're doing in the real worl

RE: VPN over slow Internet connections

2011-04-21 Thread Terry Baranski
On Apr 21, 2011, at 4:20PM, Steven Bellovin wrote:
> For your application or for the VPN? For the VPN, I *strongly*
> suggest you use UDP, or you're going to get dueling retransmissions
> and spend a lot of time sending many copies of the same thing. Consider:
> if a packet is dropped, either due
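Added example, not from Steven Bellovin's or Terry's messages: a small timer model of the "dueling retransmissions" quoted above, comparing one inner TCP segment lost once (or several times in a row) on the link when the tunnel carrier is TCP versus UDP. It assumes both stacks recover by retransmission timeout with RFC 6298 doubling (no fast retransmit, which is the tail-loss case on a low-rate link), that the outer TCP delivers in order everything it accepted, and it takes the inner RTO, outer RTO and RTT as constructed parameters; the function names are mine.

```python
"""Retransmission pile-up for TCP carried over a TCP tunnel versus a UDP tunnel.

Added example for the VPN-over-slow-links thread, not code from the original
message.  A simple timer model with constructed timings, not a TCP simulator:
both stacks use retransmission-timeout recovery with exponential backoff
(RFC 6298 doubling); fast retransmit is ignored (tail loss on a low-rate link);
the outer TCP delivers in order everything it accepted, so it can never drop
the inner stack's extra copies.
"""


def outer_recovery_ms(rto_out_ms, rtt_ms, drops):
    """Time until the inner sender sees an ACK when the tunnel carrier is TCP.

    The outer segment carrying the inner data is lost `drops` times in a row;
    each wait is the outer RTO, doubled after every loss.  The surviving copy
    then needs one RTT for the inner ACK to come back through the tunnel.
    """
    elapsed, rto = 0, rto_out_ms
    for _ in range(drops):
        elapsed += rto
        rto *= 2
    return elapsed + rtt_ms


def inner_timer_fires(rto_in_ms, until_ms):
    """Times at which the inner TCP's backed-off retransmit timer fires before
    it finally receives an ACK at `until_ms`."""
    fires, elapsed, rto = [], 0, rto_in_ms
    while True:
        elapsed += rto
        if elapsed >= until_ms:
            return fires
        fires.append(elapsed)
        rto *= 2


def copies_over_tcp(rto_in_ms, rto_out_ms, rtt_ms, drops=1):
    """One inner segment, carrier = TCP.  Every inner retransmission becomes a
    new outer segment queued behind the stalled one, and the reliable outer
    layer eventually delivers all of them: guaranteed duplicates on the link."""
    done = outer_recovery_ms(rto_out_ms, rtt_ms, drops)
    inner_extra = len(inner_timer_fires(rto_in_ms, done))
    outer_copies = drops + 1             # original plus each outer retransmission
    return {
        "on_wire": outer_copies + inner_extra,
        "delivered_to_receiver": 1 + inner_extra,   # receiver discards the dupes
        "recovery_ms": done,
    }


def copies_over_udp(rto_in_ms, rtt_ms, drops=1):
    """Same event, carrier = UDP.  Only the inner TCP retransmits; a lost copy
    is simply gone, so each loss costs exactly one backed-off RTO and the first
    copy that survives is the only one delivered."""
    elapsed, rto, sent = 0, rto_in_ms, 1
    for _ in range(drops):
        elapsed += rto
        rto *= 2
        sent += 1
    return {"on_wire": sent, "delivered_to_receiver": 1, "recovery_ms": elapsed + rtt_ms}


if __name__ == "__main__":
    # Constructed timings for a slow link: 300 ms RTT, 1 s RTO on both stacks.
    for drops in (1, 2, 3):
        tcp = copies_over_tcp(1000, 1000, 300, drops)
        udp = copies_over_udp(1000, 300, drops)
        print(f"{drops} loss(es): TCP carrier puts {tcp['on_wire']} copies on the link, "
              f"receiver gets {tcp['delivered_to_receiver']}; "
              f"UDP carrier puts {udp['on_wire']} on the link, receiver gets 1")
```

With those timings a single loss already costs three copies over a TCP carrier against two over UDP, and three consecutive losses cost seven against four. The difference is entirely the outer TCP's reliability: over UDP a lost copy is gone, while the TCP carrier is obliged to deliver every copy the inner timer pushed in while the outer stack was still backing off. The inner RTO is estimated from RTTs measured while the tunnel was healthy, so its timer is tuned to the undisturbed tunnel and keeps firing during outer recovery, which is the feedback loop behind the advice to carry the VPN over UDP.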