No, I preferred the policeman and the router doing their job: to make the system fluent and eventually stop someone or something by orders coming from the right authority. In both systems, to be 'bad' or not is an higher layer issue (civilization or OSI Ref. Mod.,...no difference) than the layer where the policeman and the router work and make their decisions and actions. -----Messaggio originale----- Da: Wang Hui [mailto:[EMAIL PROTECTED]] Inviato: sabato 21 settembre 2002 4.13 A: [EMAIL PROTECTED]; [EMAIL PROTECTED]; [EMAIL PROTECTED] Cc: [EMAIL PROTECTED]; [EMAIL PROTECTED] Oggetto: Re: Current network/Internet is so weak...in face of Nimda-likewo rms I think the next-generation routes/gateways should take more responsibility. For example, routers, or gateways, to the network/Internet is what the policmen to the city high-way comunication system. The policmen should make the highway system fluent, and so do to the future routers. But the quesiton is how the router know what are 'bad' packets? ----- Original Message ----- From: <[EMAIL PROTECTED]> To: <[EMAIL PROTECTED]>; <[EMAIL PROTECTED]> Cc: <[EMAIL PROTECTED]>; <[EMAIL PROTECTED]>; <[EMAIL PROTECTED]> Sent: Thursday, September 20, 2001 11:08 PM Subject: RE: Current network/Internet is so weak...in face of Nimda-likewo rms > Please take this thread off ipng! > > Mat. > > > -----Original Message----- > > From: Vishwanathan K [mailto:[EMAIL PROTECTED]] > > Sent: 20 September 2001 16:01 > > To: Greg Maxwell > > Cc: Wang Hui; Matti Aarnio; [EMAIL PROTECTED] > > Subject: Re: Current network/Internet is so weak...in face of > > Nimda-likeworms > > > > > > > > > > > Security policies can also be applied to the hosts within > > the network. But ultimately, the gateways > > > > are responsible for security of its internal network. > > > > obviously 'virus-control' was not being implied here !! > > I was referring to more of things like packet filtering, > > firewalling and IP security policies. which i > > agree have nothing to do with detecting malicious code. > > > > > Are are obviously from a different universe then the rest > > of us. In our > > > universe we us an incredibly flexible protocol called IP > > that is smart > > > enough to know that policy can only be truly effectively done on the > > > end-node and thus does it on the end node. > > > > > > I don't know how you would expect a router to know that an > > application is > > > requesting a file called README.EML much less that it > > contains malicious > > > code and that IE5 will execute it without it's users > > knowledge, except as > > > an after the fact clean-up measure initated by humans. > > > > > -------------------------------------------------------------------- IETF IPng Working Group Mailing List IPng Home Page: http://playground.sun.com/ipng FTP archive: ftp://playground.sun.com/pub/ipng Direct all administrative requests to [EMAIL PROTECTED] -------------------------------------------------------------------- -------------------------------------------------------------------- IETF IPng Working Group Mailing List IPng Home Page: http://playground.sun.com/ipng FTP archive: ftp://playground.sun.com/pub/ipng Direct all administrative requests to [EMAIL PROTECTED] --------------------------------------------------------------------
