Re: PF log parser and dynamic PF rules...

Wed, 17 Feb 2010 13:01:46 -0800 

On 17 feb 2010, at 12.38, Peter Hessler wrote:

> On 2010 Feb 17 (Wed) at 07:51:03 +0100 (+0100), Per-Olov Sjvholm wrote:
> :Answer correctly or don't answer at all.
>
> It seems to me that people *did* answer correctly.  But, their answer
> was not what you wanted to hear.
>
> The answer: don't use port knocking, use a randomized url.
>
>
https://example.com/64482a3717737695e4dd254a4d57da4f6c0795f3e811e8b12347625fb
285.rss
>
> Google, Apple, etc use this scheme for webcal access.  I strongly doubt
> your rss feed requires more privacy than people's private calendars.
>
>
> --
> Beware of altruism.  It is based on self-deception, the root of all
> evil.
>


I know what I am doing and it's a simple test. A production environment will
for sure be more secured. As said. I _very_ much appreciate if people give
their opinion _and_ an answer to the actual question if the person know how to
do what I ask for. But what  I don't like about it is that some just reply to
tell it's done wrong, even though they don not know the context and the
tradeoffs that have been made and why. Professional people could nicely tell
their opinion and a hint to my question IF they have any clue. If they think I
should have provided more info, they could say so I am a member of a few
helicopter forums, some Dreambox HTPC forums (TuxBOX), a bunch of Linux forums
(i.e many different kind of forums). Nowehere they hack at each other like
they do at the OpenBSD lists. This is the only sad thing about OpenBSD, the
mailinglist. Therefor I don't use it as much as before. A few of my developer
friends share this sadness with me.

You are right, Peter.      My rss feed does not require more privacy (at this
stage) than private google calendars. However there are a few problems with
randomized urls that I simply want to spend time on later. This as I at this
stage just want to sell in the idea with a test containing less important data
and therefor use less work. A prod environment will be more secured to fulfill
the security policies etc.


Tnx to the people who contributed with something.

This thread is closed for me now

/Per-Olov
--
GPG keyID: 5231C0C4
GPG fingerprint: B232 3E1A F5AB 5E10 7561 6739 766E D29D 5231 C0C4
GPG key: http://pgp.mit.edu:11371/pks/lookup?op=get&search=0x766ED29D5231C0C4

Reply via email to