
Re: Contribute to pf(4)



On Tue, 16 Jul 2002, Dirk Rosler wrote:

> I fail to understand the concern addressed with blocking those unused
> networks. If you're vulnerable, you're vulnerable, irrespective of origin.
> All you do is reduce "from any" to "from any minus unused networks", but
> so what?

It isn't a question of vulnerable or not. It's a question of who you're
talking to. If the other end of the IP conversation is blatantly fake,
why bother spending any more time on it?

I have caller-ID, and anything that shows up as "unknown name" and/or
"unknown number", I ignore, because it's not worth my time to even start
a conversation with a telemarketer.

> Say you are running a vulnerable service reachable "from any minus unused
> networks", so the attacker has to be on a legit IP to attack? This seems
> bizarre as chances are almost 100% that he will be anyway.
>
> Anti-spoofing? Well, then the attacker will just spoof using a legit IP...

The availability of fake IDs doesn't prevent ID being required for liquor
sales.

> What is gained by blocking unused networks?

What's lost? I will grant, security gains aren't huge, but neither is the
cost.

[ Dave Taira <bodhi_(_at_)_hagakure_(_dot_)_org>                2002.07.15/23:05:11 PDT ]
[ Morlock for Hire                                                       ]
[ I hate to advocate drugs, alcohol, violence, or insanity to anyone,    ]
[ but they've always worked for me.  -- Hunter S. Thompson               ]


