| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <20030209215953.GG28967@faveve.uni-stuttgart.de> From: delta at FaVeVe.Uni-Stuttgart.de (Helmut Springer) Subject: SQL Slammer - lessons learned On 09 Feb 2003 at 21:53 +0100, Schmehl, Paul L wrote: > This analogy is false. For sure it is not 100% true, as all analogies aren't. > Your phone calls do not affect my ability to connect to the > telephone company, nor to do they take down my phone system. If I'm attacking your line or telco equipment or that of you carrier they will. Limited resources and vulnerable systems, actually this will become more of an issue as medias converge. > Furthermore, while the phone company doesn't decide the topics you > can discuss, they most *certainly* control what you can and cannot > transmit across their lines. They do? As long as I stick to the transmission standards (as in "ip" for the internet) I dare to doubt this. A good friend spent some years teaching telco people how to build and run phone networks, so I happen to have little insight here. > Finally, ISPs are not phone companies. They are companies that > contract with customers to provide them with a connection to the > Internet. Right, they sell the ability to send and receive ip packets, as already said. Everything else is add on I personally either don't care or will order (e.g. DoS handling at upstreams or whatever kind of service I as a customer would like to have for my site). They might take emergency measures as temporary exceptions to deal with emergency situations. > >Internet is the ability to send ip packets from one node to > >another. > > No, it's not. Actually it is, the most basic definition. > It's much more than that. It's the ability to communicate through > multiple means and methods. And much more. It is not simply a > connection from one node to another. If it *was*, you wouldn't be > concerned about blocking ports. Actually I'm not, you want to do so. I want to be able to send and receive ip packets according to the standards for this, that's it. > However, when your system affects mine, then I am involved. Yes, when they do so. As long as they don't they are simply none of your business. So don't tell me what ports I should be able to use on my side, feel free to filter to your needs on your side. > Just as you can do anything in the privacy of your own home, but > some things will get you arrested in public, you can do anything > on your own network, but when you get on the Internet you are in > public, and the public has a right to demand certain behaviors > from you and inflict certain consequences on you if you fail to > comply. That's liability for things done, as everywhere, no problem. > Paul Schmehl (pauls@...allas.edu) > Adjunct Information Security Officer > The University of Texas at Dallas Protect your constituency and make sure it doesn't attack others. If you find some spare time, try to understand internet. But don't try to force others to join a limited network you want to be in. -- MfG/Best regards, "A Feature you cannot disable is helmut springer considered a bug" comp.os.unix
Powered by blists - more mailing lists