Full Disclosure mailing list archives
Re: RE: Example firewall script
From: "J.A. Terranson" <measl () mfn org>
Date: Sat, 27 Aug 2005 19:50:33 -0500 (CDT)
On Sun, 28 Aug 2005, Jason Coombs wrote:
The problem with knowing a thing or two about a thing or two is that you're constantly arguing with other people who know nothing about things that nobody else can possibly understand, and that nobody will be forced to learn about or consider carefully until it's too late for the knowledge to save them from harm.
Slow day Jason?
This is yet another reason that full disclosure is crucial to everyone's readiness and to our ability to defend ourselves... Discussion and analysis of complex subjects, with real-world study and disclosure of failures and mistakes, prepares us to understand new risks and classify new threats according to actual significance in our situations. So, thank you both for sharing your debate and thereby calling attention to an area of uncertainty in practice, but if you're going to argue about definitions of routing tables vs. ACLs, why not do it in a way that mere mortals are able to understand some day in the future when they find your debate archived somewhere because their Cisco router's ACL ruleset failed to consider the fact that they had routes and multihomed interfaces configured dynamically by an attacker who knew better than the victim just how ACLs are parsed and precisely what the difference is between a good ACL and a bad one -- or where an attacker knew there was another interface physically attached to the Cisco device where a small wireless access point could be attached, which WAP would automatically assign the Cisco device another endpoint address in the WAP's address space.
Heartily agreed. In spite of that agreement, thank you for providing that wonderful tidbit.
Fuck off doesn't add to the substance of the technical arguments, and even trying to understand why you are debating at all there does not appear to be any reason
Actually, I accept responsibility for the ambiguity: the "FUCK OFF" was not directed at the technical pseudodebate, it was directed at the lunatic telephone calls. So, for the sake of clarity and in the spirit of Full Disclosure, allow me to be clearer the second time around: Eric: FUCK YOU. (As opposed to "FUCK OFF"). There. I feel better now :-) //Alif -- Yours, J.A. Terranson sysadmin () mfn org 0xBD4A95BF I like the idea of belief in drug-prohibition as a religion in that it is a strongly held belief based on grossly insufficient evidence and bolstered by faith born of intuitions flowing from the very beliefs they are intended to support. don zweig, M.D. _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Current thread:
- Re: RE: Example firewall script, (continued)
- Re: RE: Example firewall script J.A. Terranson (Aug 27)
- Re: RE: Example firewall script James Tucker (Aug 27)
- RE: RE: Example firewall script Jan Nielsen (Aug 27)
- RE: [inbox] RE: RE: Example firewall script Exibar (Aug 28)
- Re: RE: Example firewall script mayhem (Aug 27)
- RE: [inbox] RE: Example firewall script Exibar (Aug 28)
- Re: RE: Example firewall script Rachael Treu Gomes (Aug 30)
- Re: RE: Example firewall script fd (Aug 30)
- Re: RE: Example firewall script J.A. Terranson (Aug 27)
- Re: RE: Example firewall script J.A. Terranson (Aug 27)
- Re: RE: Example firewall script Jason Coombs (Aug 27)
- Re: RE: Example firewall script J.A. Terranson (Aug 27)
- RE: RE: Example firewall script Bernardo MartÃn (Aug 29)