Full Disclosure mailing list archives
Re: SQL Slammer - lessons learned
From: Niels Bakker <niels=netsys () bakker net>
Date: Fri, 7 Feb 2003 15:38:56 +0100
* John.Airey () rnib org uk [Fri 07 Feb 2003, 11:46 CET]: [..]
> Which brings me full circle back to stateful inspection. I can see no business reason why any organisation would need the outside world to initiate sessions to ports other than allowed privileged ports. (I leave the definition of allowed privileged ports undefined as it is an issue between the ISP and its customers. One or two people have digressed onto this issue)
The concept of UDP having a session worth speaking of that firewalls can use to distinguish packets belonging to a conversation from packets not belonging to one is so deeply flawed I won't even get into it. I'm not sure why this issue keeps getting rehashed. It's been well established that a policy of denying all that isn't needed is prudent. Also, it's been established that it's not up to connectivity providers to force their ideas of proper filters on everyone.
> - John Airey, BSc (Jt Hons), CNA, RHCE Internet systems support officer, ITCSD, Royal National Institute of the Blind,
Please use a real signature separator; software can then automatically recognise signatures and skip them when quoting, for example. Also, I'd appreciate it if you would upgrade to a real mail user agent that generated proper In-Reply-To: and References: headers so threading would work for those who prefer to use it, e.g. me. I also won't get started on your stupid legal disclaimer - whose only value is to pinpoint your company's legal team as a bunch of knuckle-dragging morons. (So thanks for the heads-up in showing who you hang out with; it's a valuable aid in determining one's worth.)

Have a Nice Day,

-- Niels.

--
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html