[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [cobalt-users] German ISPs (was: dip.t-dialin.net IP Range)
- Subject: Re: [cobalt-users] German ISPs (was: dip.t-dialin.net IP Range)
- From: "Jeffery L. JT Vogt" <lfm@xxxxxxxxxxxxxxxxxx>
- Date: Thu May 3 01:04:22 2001
- List-id: Mailing list for users to share thoughts on Cobalt products. <cobalt-users.list.cobalt.com>
>But, obnoxious soul that I am, I just kept on posting about it.
One has to weight how "obnoxious" the "disease" is versus the "cure".
IMO, the "cure" is less obnoxious than the "disease".
>Perhaps, and I don't know how/if it could be done, a more interesting
>approach would be to:
>
>Allow access to port 80 so that web pages could be viewed
>Allow access to those IP's where you know you have a customer who
>requires access.
>
>If the above could be done, then the bulk of the legit users could
>access what they need, and the rest can go pack sand.
That would be easy enough to do, from a tcpwrapper standpoint. You
simply "deny" all and "allow" selected. That's actually, the
recommended way to do security.
Again, though, the implementation is different from the repository.
For those who can't (for whatever reason) do the "recommended security",
the resposity or "these are bad guys" would be a "Good Thing" (TM).
But, as I said, so far there seems to be a dearth of people who are
willing to be a part of either "the recommended way" or "the
repository" efforts.
-Arf, JT
------------------------------------------------------------------------------
"Tomorrow is always another day, but don't wait for it to come."
- Brian Post
Join the UniServe Seti@Home Team: http://www.unisrv.net/computerguys/seti
Unix, Networking and ISP Consulting lfm@xxxxxxxxxx
http://www.unisrv.net MSN IM: S_A_Alis@xxxxxxxxxxx ICQ 9099687
FurryMUCK (muck.furry.org 8888): S'A'Alis www.unisrv.net/lfm MSTie# 21756