\section{Scope}
-We are only analyzing...
-* internet serving devices
-* ...
+We restricted ourselves to:
+\begin{itemize}
+\item Internet-facing services
+\item Commonly used services
+\item Devices which are used in business environments (this mostly excludes XBoxes, Playstations and similar common consumer devices)
+\end{itemize}
+We explicitly excluded:
+\begin{itemize}
+\item Specialized systems (such as medical devices, most embedded systems, etc.)
+\item Wireless Access Points
+%\item Services which should be run only in an internal network and never face the Internet.
+\end{itemize}
+%% * whatsapp --> man kann nichts machen, out of scope
+%* Lync: == SIP von M$.
+%* Skype: man kann ncihts machen, out of scope.
+%* Wi-Fi APs, 802.1X, ... ???? --> out of scope
+%* Tomcats/...????
+%* SIP -> Klaus???
+%* SRTP -> Klaus???
+%* DNSSec ?? Verweis auf BCPxxx --> out of scope
+% - DANE
+%What happens at the IETF at the moment?
+%* TOR?? --> out of scope
+%* S/Mime --> nachsehen, gibt es BCPs? (--> Ramin)
+%* TrueCrypt, LUKS, FileVault, etc ---> out of scope
+%* AFS -> out of scope
+%* Kerberos --> out of scope
+%* NNTP -> out of scope
+%* NTPs tlsdate -> out of scope
+%* BGP / OSPF --> out of scope
+%* irc,silc --> out of scope
+%* LDAP -> out of scope
+%* Moxa , APC, und co... ICS . Ethernet to serial --> out of scope
+%* telnet -> DON't!!!
+%* rsyslog --> out of scope
+%* ARP bei v6 spoofing -> out of scope
+%* tinc?? -> out of scope
+%* rsync -> nur ueber ssh fahren ausser public web mirrors
+%* telnets -> out of scope
+%* ftps -> out of scope
+%seclayer-tcp 3495/udp # securitylayer over tcp
+%seclayer-tcp 3495/tcp # securitylayer over tcp
+%* webmin -> maybe
+%* plesk -> out of scope
+%* phpmyadmin --> haengt am apache, out of scope
+%* DSL modems -> out of scope
+%* UPnP, natPmp --> out of scope
git.bettercrypto.org / ach-master.git / commitdiff