[Snort-devel] RE: [Snort-users] Possible Queso Fingerprint attempt?
gbinder at ...462...
Fri Mar 16 05:54:44 EST 2001
Ookhoi on Thu, Mar 15, 2001 at 12:55:22PM +0100:
> >  If anyone involved in that asinine decision is reading this, I'd
> > certainly like to thank you for really buggering up a lot of firewalls and
> > IDS's around the world. That was a great plan, guys. Top notch execution,
> > too.
> Ecn is a good thing. The firewalls should be fixed.
I agree that equipment broken with regards to RFC 793 should probably be
fixed. I personally would probably not implement an experimental method
in a production release, and certainly not enable it by default.
And I'm still wondering how a design goal of making my "Internet
Experience more pleasurable" (linux kernel ML FAQ,
http://www.tux.org/lkml/#s14-2) would relate to me being blocked by a
whole lot of routers or firewalls, or my ISP blocking me because people
report things like the Queso Fingerprint from my systems. I guess it
doesn't help 2.4 users that their system is sane and everybody else's is
broken, it doesn't work for THEM. :)
In addition, this might make my "Internet Experience" less secure,
because it forces vendors to provide patches for what would actually be
a non-issue quickly, if deployment of new features would have been done
in a proper way.
Gregor Binder <gregor.binder at ...462...> http://sysfive.com/
sysfive.com GmbH UNIX. Networking. Security. Applications.
PGP id: 0x20C6DA55 fp: 18AB 2DD0 F8FA D710 1EDC A97A B128 01C0 20C6 DA55
More information about the Snort-users