[unisog] New DISS Security Model

Phil Benchoff benchoff at vt.edu
Thu Jun 1 13:49:02 GMT 2006


Somewhere in that file it also says that the last router hop must
reverse to one of the approved TLDs too.

Folks who really need access should probably consider putting together
a VPN server where the server's address and it's clients reverse to
a .com.  Too bad alqaeda.com is already registered.

Phil

On Thu, Jun 01, 2006 at 12:02:23AM -0400, Steve Worona wrote:
> 
>    No, I think you've got it right, Marty. Here's the DSS instructions
>    for making sure you have an OK IP address:
[...]
>    So all you need is a non-.EDU PTR for the IP. No problem (apparently)
>    if the IP happens to be within an otherwise .EDU-registered IP range.
>    
>    As someone mentioned on another list, the scary thing is that these
>    are the folks supposedly protecting the nation's sensitive systems
>    from attack.
>    
>    A separate question (please answer off-list): Will anyone actually go
>    to the trouble of creating a suitable PTR so they can keep accessing
>    that page? What's it got that you want/need?
>    
>    Thanks.
>    
>    Steve
>    
>    --
>    Steven L. Worona
>    Director of Policy and Networking Programs


More information about the unisog mailing list