Open Source and information security mailing list archives
 
Date: Sun Aug 28 04:00:50 2005
From: ericscher at mac.com (ericscher@....com)
Subject: J. A. Terranson

I did a dumb thing today.

I decided to be nice to someone who didn't deserve it and correct his
mistakes offline so that he wouldn't have to look like a dumbass in public.
In return, I got an earful of profanity. Honestly, I should have known
better.

I've watched Terranson participate on this list long enough to know that
he's not merely rude and obnoxious, he's mean. Bottom line, when you're
dealing with someone who isn't a particularly good person, there's no point
in trying to treat them like a human being. Like the man said: it wastes
your time and annoys the pig.

I get it. This is a place where he gets to feel like a big man. A tough
guy. Fine. Whatever floats his boat.

HOWEVER, that's no excuse for:

a) Acting like a JackAss. (Is that what the J.A. stands for?)
b) PUTTING OUT BAD INFORMATION.

For the record, Kid... (Act like a child, you'll get treated like one.)

1) An Autonomous System is a network or group of networks under the control
of a single administrator and/or administrative policy.

2) A "Multihomed" network is one which has more than one WAN connection to
one or more service providers.

3) The one has nothing to do with the other. ALL Autonomous systems are NOT
multihomed. In fact, the vast majority are not. If you actually understood
what an autonomous system was, you'd know that. But then, you wouldn't have
put your foot in your mouth.

4) Access Control Lists ARE traffic shaping devices. A device is a
contrivance, invention or technique serving a particular purpose. In this
case, the purpose being served is the movement of packets. The packets may
be moved to another port or they may be moved to "the trash". The ACL tells
the machine to examine the packet based on certain defined criteria that
the administrator chooses and make decisions about the movement of the
packet based on those criteria. This may serve a security purpose or it may
not. 

5) Access Control Lists are constructed in a particular manner; complex to
simple. Specific to general. They don't HAVE to be written that way, but
they should be and there is a damned good reason for it. Once a packet
matches a particular line, the packet is moved. It may go to another port
or it may get dropped; but the point is that it doesn't stick around for a
second analysis. If you put a deny statement about a particular subnet
ABOVE a permit statement for a particular host FROM that subnet, it's too
late. The packet from that host has already been dumped. But hey, if you
don't mind having a buggy network because you insist on doing things YOUR
way, go ahead and write your ACLs any way you want. Not my problem.


As has already been pointed out, this is a subject better addressed in a
textbook. Whether you want to learn Cisco ACLs, iptables or whatever, you
need some in-depth subject matter. This is a complex subject and one in
which you CLEARLY need remedial study.


One last thing, Kid...

You said that you could suggest some books for me?

If those are the same books that you got YOUR monumentally incorrect
information out of, no thanks.

I actually know something about this subject, and I'd like to keep it that
way.


You may now feel free to have the last word. I'd know that sort of thing is
important to someone like you.
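
The first-match behaviour described in point 5 of the message above, as an added example that is not part of the original post. The `permit|deny <cidr>` line syntax, the function names and the sample addresses are constructed for illustration, and the implicit deny on no match is an assumption.

```python
import ipaddress

def parse_acl(lines):
    """Parse constructed 'permit|deny <source-cidr>' lines into (action, network)."""
    rules = []
    for line in lines:
        action, cidr = line.split()
        if action not in ("permit", "deny"):
            raise ValueError(f"unknown action: {action}")
        rules.append((action, ipaddress.ip_network(cidr)))
    return rules

def evaluate(rules, src):
    """Return (action, index) of the first matching entry; later entries are never consulted."""
    addr = ipaddress.ip_address(src)
    for i, (action, net) in enumerate(rules):
        if addr in net:
            return action, i
    return "deny", None  # assumption: implicit deny when no entry matches

def shadowed(rules):
    """Return (later, earlier) index pairs where an earlier entry fully covers a
    later one, so the later entry can never match."""
    out = []
    for j, (_, later) in enumerate(rules):
        for i in range(j):
            earlier = rules[i][1]
            if later.version == earlier.version and later.subnet_of(earlier):
                out.append((j, i))
                break
    return out

# Constructed sample ACLs using documentation address space (192.0.2.0/24).
GENERAL_FIRST = parse_acl(["deny 192.0.2.0/24", "permit 192.0.2.10/32", "permit 0.0.0.0/0"])
SPECIFIC_FIRST = parse_acl(["permit 192.0.2.10/32", "deny 192.0.2.0/24", "permit 0.0.0.0/0"])

if __name__ == "__main__":
    for name, acl in (("general first", GENERAL_FIRST), ("specific first", SPECIFIC_FIRST)):
        print(name, evaluate(acl, "192.0.2.10"), "shadowed:", shadowed(acl))
```

With the subnet deny listed first, the host permit is reported as shadowed and the host's packets are dropped at entry 0; with the host permit first, nothing is shadowed.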
