nanog mailing list archives
Re: ICANN opens up Pandora's Box of new TLDs
From: Warren Kumari <warren () kumari net>
Date: Mon, 30 Jun 2008 13:22:04 -0400
On Jun 30, 2008, at 12:54 PM, Valdis.Kletnieks () vt edu wrote:
On Sun, 29 Jun 2008 17:55:53 EDT, "Tuc at T-B-O-H.NET" said:220 Sending HELO/EHLO constitutes acceptance of this agreementEven in a UCITA state that has onerous rules regarding shrink- wrapped EULA terms, I think you'd have a very hard time getting a court to enforce an alleged contract based on this. And it's different from the usual suggestion to put "all activity may be monitored" in your telnet/ssh login banners, because there's an expectation that the human will look at a login banner when they login, but there's no expectation that an SMTP server will look at the 220 banner any further than checking the first digit is a '2' (go read the sectionon SMTP reply codes in RFC2821). Feel free to cite any relevant case law (in fact, even the case law onlogin banners read by humans is a tad skimpy - in most cases, it does nothing for intruders, but it protects you from your own users complaining theirprivacy was violated)...
I have found the biggest advantage of banners to be the fact that you learn to recognize your own devices *before* typing your password...
It you *always* have a banner on *all* of your devices, you quickly learn to expect them...
For example: ssh router1.example.net ************************************************************** * This device belongs to example.net. Don't login if you * are not supposed to be here... Blah blah blah. * <><><><><><><><><><><><><><><><><><><><><> ************************************************************* wkumari () router1 example net's password: versus: ssh router1.exsmple.net wkumari () router1 exsmple net's password:Having a cute, customized banner (not the default from the standard security templates) helps with this...
W --If the bad guys have copies of your MD5 passwords, then you have way bigger problems than the bad guys having copies of your MD5 passwords.
-- Richard A Steenbergen
Current thread:
- Re: ICANN opens up Pandora's Box of new TLDs, (continued)
- Re: ICANN opens up Pandora's Box of new TLDs John Levine (Jun 26)
- Re: ICANN opens up Pandora's Box of new TLDs David Conrad (Jun 26)
- RE: ICANN opens up Pandora's Box of new TLDs Frank Bulk - iNAME (Jun 26)
- Re: ICANN opens up Pandora's Box of new TLDs Stephane Bortzmeyer (Jun 29)
- Re: Internet management, was ICANN opens up Pandora's Box of new TLDs John Levine (Jun 29)
- Re: Internet management, was ICANN opens up Pandora's Box of new TLDs Gadi Evron (Jun 29)
- Re: ICANN opens up Pandora's Box of new TLDs Tony Finch (Jun 29)
- RE: ICANN opens up Pandora's Box of new TLDs Frank Bulk - iNAME (Jun 29)
- Re: ICANN opens up Pandora's Box of new TLDs Tuc at T-B-O-H.NET (Jun 29)
- Re: ICANN opens up Pandora's Box of new TLDs Valdis . Kletnieks (Jun 30)
- Re: ICANN opens up Pandora's Box of new TLDs Warren Kumari (Jun 30)
- Re: ICANN opens up Pandora's Box of new TLDs Jay R. Ashworth (Jun 27)
- Re: ICANN opens up Pandora's Box of new TLDs Marshall Eubanks (Jun 27)
- Re: ICANN opens up Pandora's Box of new TLDs John Levine (Jun 27)
- Re: ICANN opens up Pandora's Box of new TLDs David Conrad (Jun 26)
- Re: ICANN opens up Pandora's Box of new TLDs Randy Bush (Jun 26)
- RE: ICANN opens up Pandora's Box of new TLDs Martin Hannigan (Jun 27)
- Re: ICANN opens up Pandora's Box of new TLDs Eric Brunner-Williams (Jun 27)
- Message not available
- RE: ICANN opens up Pandora's Box of new TLDs WWWhatsup (Jun 27)