Re: deny access

[GuidoZ <uberguidoz () gmail com>]

Yikes, missed a lot. I was out of town for the last 6 days and will
attempt to reply to this. It's obvious a lot of confusion went on.
I sincerely hope this makes it to the list, as it's not a flame, but
an explination of what seemed to get confused. Hopefully this
will straighten it out for everyone and allow them to realize note
just the purpose of my actions but also to further expand from
my statements.

> richardw <richardw () area52 allserve net> said:
>
> man peopleskills

I have very good people skills actually. =) I've helped write many
social engineering books and white papers. That's completely besides
the point however.

> If you don't want to help, then simply do not reply to his post -
> sending a message to the list saying you're not going to help someone is
> bad form. This is the security-basics list, not the
> crabbyoldunixgururtfm list.

This is where you're wrong. I do want to help, which is exactly WHY I
didn't give a direct answer in THIS case. Every case is different,
period. As I said, judging from the emails I had seen and the level of
experince Carlos had with his troubles, I thought that having him
learn a bit more would be much eaiser to solve the problem.

As for crabbyoldunixgururtfm, I'm nothing near that. =P I'm 27 and
have a strong Windows background. My Unix/Linux is limited to basic
knowledge and security. =)

> Furthermore, we don't need any "daddy lectures" telling us how to help
> Carlos - we'll help Carlos if we want to.

No, you don't need daddy lectures at all - that's why I wasn't giving
one. I was stating a fact. You should think before you act. Use
judgement and take into account all factors such as knowledge,
situation, concequences, etc. This is what I did and have provided my
reasons. You may be surprised at how many have emailed me off
list agreeing with me, saying I stated my side and point quite well.

> This is this just plain darn wrong, and someone with 10 years of
> experience would know that. Telling someone to not block 127.0.0.0/8
> into their network is bad advice. The entire range is dedicated for
> internal loopback communications and is not to leave the box, per the
> RFC. If Carlos is having problems FROM 127.0.0.1 to his box, it could
> very well be that someone is spoofing their ip address, as 127.0.0.1 is
> sometimes trusted by various applications and by the O/S - but anyone
> with over 10 years of experience of giving advice on the security-basics
> list would know that.

Here you just got completely confused. I was using 127.0.0.1 as an
example, NOT an actual IP#. Instead of tossing out the IP# he was
actually using, I used that figuring everyone would KNOW it didn't
allpy in this case. Next time I'll just say "#.#.#.#", although I
imagine that would confuse even more people.

Look back at what I had said, looking past the IP# I used now.,
Hopefully that will clear something up. Sorry for the confusion. =)

--
Peace. ~G