Don Marti dmarti@zgp.org
Fri Jan 31 12:31:03 PST 2003

begin Andrew quotation of Fri, Jan 31, 2003 at 02:40:54PM -0500:

> There's security, and then there's realistic security.  A reasonably-paranoid 
> NAT and stateful firewall would have also stopped this.

But would be vulnerable to a similar attack against a permitted port.

Nobody cares about this attack.  This attack is over.  It's all
about the next one -- for both sides, the worm writers and the
security people.

> Unfortunately not all applications we run 
> play nice, and the ones writing the cheques don't particularly care that 
> fooWare 2000 doesn't play well with proxies, they just want the software they 
> were sold to work.

I would really be interested in seeing you argue the question
of packet filtering vs. application level proxies on its merits.
However, I must make a point of order:

This is a list of elitists intended to promote and extend elitism.
Defeatism and appeasement are not welcome here.  All that "baa, baa,
I'm just a sysadmin and I have to take whatever the developers and
the bosses subject me to" belongs on another list.  People on this
list don't want to hear that "unfortunately" something isn't going to
work because someone else insists on not holding up his or her end.

By all means file a bug report for bad software (even if it doesn't
_quite_ make baby Jesus cry) and put a link to the BTS here.
But as far as elitists are concerned, bad software exists to be
fixed or removed, not just worked around.

Don Marti                  Even if we don't get DMCA reform, loudly
http://zgp.org/~dmarti     demanding DMCA reform is going to get the
dmarti@zgp.org             injustice of the DMCA in front of the next
KG6INA                     jury.  Make noise.  It counts.

More information about the linux-elitists mailing list