nanog mailing list archives
Re: [arin-announce] IPv4 Address Space (fwd)
From: Henry Linneweh <hrlinneweh () sbcglobal net>
Date: Tue, 28 Oct 2003 15:21:11 -0800 (PST)
I think if program design criterion would change, to coding secure applications then the problem would be reduced dramatically -Henry Petri Helenius <pete () he iki fi> wrote: Matthew Kaufman wrote:
End-to-end requires that people writing the software at the end learn about buffer overruns (and other data-driven access violations) or program using tools that prevent such things. It is otherwise an excellent idea.
There is supposedly some magic going into this in the next "Service Pack" of a mentioned major exploding Pinto. Not sure if it´s just flipping the joke of firewall on by default or something more comprehensive/destructive like non-executable stack. Or a completely new invention like bug free code :-)
Unfortunately, the day that someone decided their poorly-designed machine and operating system would be safer sitting behind a "firewall" pretty much marked the end of universal end-to-end connectivity, and I don't see it coming back for a long long time. Probably not on this Internet. IPv6 or not.
Last I checked most "firewall"s don´t make these machines safe, it might make them safer, so only two out of three malwares hit them. Does not really help too much.
Combine that with ISP pricing models (helped by registry policy) that encourage <=1 IP address per household, and the subsequent boom in NAT boxes, and the fate is probably sealed.
Here I´ve observed opposite trend, most ISP´s are getting rid of NATting because it´s failure prone and expensive to implement and keep running. Pete
Current thread:
- Re: [arin-announce] IPv4 Address Space (fwd), (continued)
- Re: [arin-announce] IPv4 Address Space (fwd) Andy Dills (Oct 28)
- Re: [arin-announce] IPv4 Address Space (fwd) Bruce Pinsky (Oct 28)
- Re: [arin-announce] IPv4 Address Space (fwd) sthaug (Oct 28)
- Re: [arin-announce] IPv4 Address Space (fwd) Henry Linneweh (Oct 28)
- Re: [arin-announce] IPv4 Address Space (fwd) Andy Dills (Oct 28)
- RE: [arin-announce] IPv4 Address Space (fwd) Kuhtz, Christian (Oct 28)
- Re: [arin-announce] IPv4 Address Space (fwd) Petri Helenius (Oct 28)
- RE: [arin-announce] IPv4 Address Space (fwd) Greg Maxwell (Oct 28)
- RE: [arin-announce] IPv4 Address Space (fwd) Matthew Kaufman (Oct 28)
- RE: [arin-announce] IPv4 Address Space (fwd) Greg Maxwell (Oct 28)
- Re: [arin-announce] IPv4 Address Space (fwd) Petri Helenius (Oct 28)
- Re: [arin-announce] IPv4 Address Space (fwd) Henry Linneweh (Oct 28)
- Re: [arin-announce] IPv4 Address Space (fwd) Adam Selene (Oct 28)
- Re: [arin-announce] IPv4 Address Space (fwd) Valdis . Kletnieks (Oct 28)
- RE: [arin-announce] IPv4 Address Space (fwd) Deepak Jain (Oct 28)
- Re: [arin-announce] IPv4 Address Space (fwd) E.B. Dreger (Oct 30)
- RE: [arin-announce] IPv4 Address Space (fwd) Matthew Kaufman (Oct 28)
- Re: [arin-announce] IPv4 Address Space (fwd) Valdis . Kletnieks (Oct 29)
- Re: [arin-announce] IPv4 Address Space (fwd) Dave Howe (Oct 29)