[ietf78-tech] IETF Security Issues

[kemp]

Liu wu (Tsinghua CERNET) wrote:
> Hi all, 
> During the network deployment and the operation for the 78th IETF Meeting, I found some of the network security problems which can be seen in the attachment.
> Can we take some measures to solve these problems?
> Thanks very much!
> 
> Wu Liu

I think Geert Jan addressed most of these, and you have
this now, but I'll summarize for the list.

You can do static ARP for certain addresses on critical machines.
And you can do sniffing and monitor for any changes in the .1
address for all the networks.  That's probably sufficient.

For the certificate issues, you might distribute the information
to your NOC team ahead of time, and publish what you can on the
website.  If attendees could retrieve-and-verify ahead of time, that
would solve the bogus certificate issue.

If you have the capability, monitoring for Rogue AP's can
be useful.  But it really isn't that easy to do in this kind
of environment.  But that is something some people do.

-- 
John Kemp
kemp at network-services.uoregon.edu
RouteViews Engineer
541-346-1714