[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: pf configuration



On Wed, Sep 04, 2002 at 11:20:12PM +1000, Darren Reed wrote:

> In some mail from Nick Holland, sie said:
>
> > Telnet  and friends  were  not designed  nor implemented  with
> > security in mind.
>
> No, they were designed with a different risk scenario in mind.

Oh, my.

If you define the ``risk scenario in mind'' for telnet as ``remote
network connections  are as secure  as keyboard cables,''  you can
almost get  away with that  statement. You know, I think  my great
aunt Bell used the same kind  of ``risk scenario'' when she didn't
bother putting locks on the cabin she  built at the top of a 9,000
foot mountain  in northeast Nevada  that was at least  fifty miles
from the nearest ranch--let alone town.

Folks,  Darren's  crack  dealer  forgot  to  cut  the  goods  this
morning. Maybe  soon  he'll  get   distracted  by  all  the  purty
colors....

In the mean time, any of y'all  still using IPF, keep in mind that
you're trusting your network to  somebody who thinks telnet can be
defined in  some way  as ``secure.''

Wow.

Theo, thank you for dumping IPF! Daniel, thank you for writing pf!
Darren, thank you for screwing with the license in a way that gave
them the final incentive to do so!

b&

--
Ben Goren
 mailto:ben_(_at_)_trumpetpower_(_dot_)_com
 http://www.trumpetpower.com/
 icbm:33o25'37"N_111o57'32"W

[demime 0.98d removed an attachment of type application/pgp-signature]