Brian Steele [SPICEISLE] wrote:
[copied from a reply made to another member off-list]
Then you are mistaken. Security through obscurity has long been
repudiated by knowledgeable security folks, dating from collquia of
locksmiths and the debates about whether weaknesses in locks should
From a different Paul...
The problem is that many people notice that HTTP and SSL are allowed
through firewalls, they decide the best way to get nifty new service
through is to run it over HTTP or SSL. Many people avoid implementing
something like SMTP auth by running SMTP over SSL. Now say that
happy, they can, in fact, never be made
happy."
- -Paul Evans (as quoted by Barb Dijker in "Managing Support Staff", LISA '97)
On Thu, 4 Feb 1999, Paul Krumviede wrote:
Date: Thu, 04 Feb 1999 12:11:12 -0800
From: Paul Krumviede [EMAIL PROTECTED]
To: [EMAIL PROTECTED]
C
Chris wrote:
At 2:11 PM -0500 3/5/99, Brian Jones wrote:
Does any know where I can get sample Router banners? (eg. Please
disconnect now, you are breaking the law!!)
Brian Jones
National Network Infastructure Support
[EMAIL PROTECTED]
I think you want to say a little more, like
--On Monday, 17 January, 2000 08:47 -0800 Merton Campbell Crockett
[EMAIL PROTECTED] wrote:
At the Microsoft Federal Security Conference last year, Microsoft had a
presentation on L2TP and IPsec. L2TP does use an IPsec encryption scheme
but does not provide a virtual connection in the same
first, class-full routing, and description of address space, is ancient
history. in particular, many DSL providers are being assigned slices
of what used to be called a class A address, and individual customers
of those providers get subsets (smaller contiguous non-overlapping
ranges) of those
There was some discussion of how much packet expansion
might be caused by IPsec in various modes (such as ESP tunnel
mode) some time ago. I don't think this is expected to be a large
increase, in percentage size, for "normal" packet size distributions,
as one is basically encapsulating the
--On Tuesday, 04 April, 2000 20:22 -0700 [EMAIL PROTECTED] wrote:
On 04/04/2000 at 21:09:42 EST, Bill Lavalette noc/sec Administrator
[EMAIL PROTECTED] wrote:
TCP 53 you would want to reject zone transfers from unauthorized hosts
this is one of the single most "doh's!! " when setting DNS
Hubs, repeaters, and level 2 switches do not reduce the
size of packets. Routers decrement the TTL field, but
do not change the size of the packet (this is assuming
the same media on both sides of the device).
Runt packets on ethernet are a result of collisions. Too
many repeaters/hubs cause
--On Thursday, 08 June, 2000 07:05 -0400 "Paul D. Robertson"
[EMAIL PROTECTED] wrote:
Hey! That's _my_ soapbox dammit! ;) Don't forget the
tunnel-everything-over-HTTP piece if you're gonna step up there!
check out draft-eastlake-ip-mime-03.txt (IP over MIME) :-)
-paul
-
[To unsubscribe,
ignoring the question of whether or not this should be supported,
there seem to be a few things to do if you do support it. for one
thing, don't expose plaintext reusable passwords. use something
like APOP or KPOP or one-time passwords for authentication to
the pop server.
-paul
"Watson, Peter"
this flexibility depends on part on the routing protocol(s)
being used, and in some instances on the platform being
used for routing. not all protocols support variable length
subnet masks, and as many people playing with gated
on various unix platforms discovered, not all unix
variants supported
--On Wednesday, 20 September, 2000 00:08 -0500 Brian Kifiak [EMAIL PROTECTED] wrote:
It's also a bad idea to put both of your nameservers on the same network,
That's not an absolute truth. It's quite common for small to medium
sized networks to only have one point of presence. If that
the description of address policy doesn't apply to the earlier
days of address assignment, so there are chunks of address
space assigned, for example, to entities (such as large
companies) that don't map to countries or even continents
very well.
there are a few commercial services that attempt
--On Friday, 15 March, 2002 18:03 -0500 Paul Robertson
[EMAIL PROTECTED] wrote:
On Fri, 15 Mar 2002, Scott Overfield wrote:
Good Morning,
My employer and I have been discussing the option of purchasing a Lucent
Orinoco system to replace the current ADSL line between our two
buildings,
--On Saturday, 16 March, 2002 10:47 + Steve Kennedy [EMAIL PROTECTED]
wrote:
On Fri, Mar 15, 2002 at 09:55:50AM -0700, Drew Einhorn wrote:
Yes, WEP is easily cracked. Don't depend on it. Don't waste resources
on WEP.
What resources, turn it on and use the same WEP password at both
--On Friday, 07 June, 2002 10:26 +0200 Ben Nagy [EMAIL PROTECTED] wrote:
-Original Message-
From: Mikael Olsson [mailto:[EMAIL PROTECTED]]
[...]
Kevin Steves wrote:
I'm tending to think TCP syslog over SSL/TLS would be a good thing
to have.
Yeah, I've sort of been thinking
picking up on this a bit later
--On Saturday, 01 June, 2002 20:03 +0200 Ben Nagy [EMAIL PROTECTED] wrote:
-Original Message-
From: Brett Lymn [mailto:[EMAIL PROTECTED]]
Sent: Saturday, June 01, 2002 3:27 PM
To: Ben Nagy
Cc: 'Ron DuFresne'; 'Brett Lymn'; [EMAIL PROTECTED]
one note: LDAP is a directory access protocol, not a
directory. one can have a RADIUS server implementation
that accesses a directory, perhaps using LDAP to do so.
you could also stick policy information in a directory; this
could be used by the authentication server at run-time to
determine the
19 matches
Mail list logo