Re: RE: Example firewall script

["J.A. Terranson" <measl () mfn org>]

On Sun, 28 Aug 2005, Jason Coombs wrote:

> The problem with knowing a thing or two about a thing or two is that
> you're constantly arguing with other people who know nothing about
> things that nobody else can possibly understand, and that nobody will be
> forced to learn about or consider carefully until it's too late for the
> knowledge to save them from harm.

Slow day Jason?

> This is yet another reason that full disclosure is crucial to everyone's
> readiness and to our ability to defend ourselves... Discussion and
> analysis of complex subjects, with real-world study and disclosure of
> failures and mistakes, prepares us to understand new risks and classify
> new threats according to actual significance in our situations.
>
> So, thank you both for sharing your debate and thereby calling attention
> to an area of uncertainty in practice, but if you're going to argue
> about definitions of routing tables vs. ACLs, why not do it in a way
> that mere mortals are able to understand some day in the future when
> they find your debate archived somewhere because their Cisco router's
> ACL ruleset failed to consider the fact that they had routes and
> multihomed interfaces configured dynamically by an attacker who knew
> better than the victim just how ACLs are parsed and precisely what the
> difference is between a good ACL and a bad one -- or where an attacker
> knew there was another interface physically attached to the Cisco device
> where a small wireless access point could be attached, which WAP would
> automatically assign the Cisco device another endpoint address in the
> WAP's address space.

Heartily agreed.  In spite of that agreement, thank you for providing that
wonderful tidbit.


> Fuck off doesn't add to the substance of the technical arguments, and
> even trying to understand why you are debating at all there does not
> appear to be any reason

Actually, I accept responsibility for the ambiguity: the "FUCK OFF" was
not directed at the technical pseudodebate, it was directed at the lunatic
telephone calls.  So, for the sake of clarity and in the spirit of Full
Disclosure, allow me to be clearer the second time around:

Eric: FUCK YOU.  (As opposed to "FUCK OFF").

There.  I feel better now :-)

//Alif

-- 
Yours,

J.A. Terranson
sysadmin () mfn org
0xBD4A95BF


I like the idea of belief in drug-prohibition as a religion in that it is
a strongly held belief based on grossly insufficient evidence and
bolstered by faith born of intuitions flowing from the very beliefs they
are intended to support.

don zweig, M.D.

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/