On Dec 8 2006 12:21, Joachim Schrod wrote:
JE> You know where this RFC attitude brought us - Web browsers accepting JE> broken HTML, resulting in sloppy non-standard pages that display in JE> less than average of the browsers. JE> Especially when it comes to JE> security, e.g. firewalls, it's better to turn the RFC quote:
JE> Be conservative in what you accept and be JE> liberal in what you do. JE> [http://jengelh.hopto.org/p/jen_ipfw/TECH.txt]
Be liberal in what you do?
E.g., allowing broken IP packets to leave one's network? E.g., with spoofed source IP addresses? E.g., allowing outgoing IRC packets for all systems?
Well, while not spoofing stuff. Locking out spammers is a simple combination of randomly replying and not-replying to their packets. That does not imply any of the three examples above.
And you tell me that my attitude brings us bad HTML pages?
Partly. One problem is that RFCs have too many SHOULDs in them rather than MUSTs. Another problem is that implementations sometimes don't even obey the SHOULDs and implement something as COULDs. (This is probably what I really intended to say.)
Your attitude helps to build bot networks and hackers.
What's bad in slowing down unwanted nmap scans?
PS: Please reply to the list. I don't consider this a private discussion.
PS: I did Reply-To-All (it's gone to both), since I don't yet have the procmail recipe in. -`J' -- -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org