Ulisses wrote: > Hello Brian > > On Thu, Nov 17, 2005 at 10:40:53AM -0500, Brian Utterback wrote: > >>Ulisses wrote: > > [...] > >>the only way to get the address of the server is looking at the IP header. >> >>>Am I wrong? >> >>You are correct, > > > Ok, thanks so much for your confirmation > > >>that is a flaw in the protocol design. > >
No Brian is wrong. Yon are confusing protocol with implementation. > heh, people doing NAT will not agree with you for sure :-) > Or anyone else at IETF. > > > > [OFFTOPIC] Probably I'm wrong but I would like also to hear from security > gurus that blocking icmps or not sending icmp error messages (being silent) > is a bad practice. > See Mark Andrews comments on this very topic in the bind-users mailing list/newsgroup. Look for the topic on SO_BSDCOMPAT MESSAGE from yesterday (Nov 16). I couldn't have said it better myself. Danny _______________________________________________ questions mailing list [email protected] https://lists.ntp.isc.org/mailman/listinfo/questions
