On Wed, 2004-05-12 at 22:39, David Kempe wrote:
> Robert Collins wrote:
> > This is a bad idea.
> >
> > apt-get install something
> > ...
> > error - corrupt data.
> >
> > Don't do. It's worse than hijacking the sessions into a proxy in the
> > first place.
> >
>
> With the plethora of spyware around on the average PC, hijacking port 80
> connections is a great way to monitor and block them. You can
> configure legitimate programs to use a proxy (apt for example or even
> ftp for apt), and illegitimate ones fail silently. For spyware, that's a
> good thing.
> Robert, we don't all live in a squid-erific world, fact is, hijacking
> connections is a great way to save bandwidth, monitor usage and filter
> sites. I love squid, and you do great work, but sometimes I feel like
> you haven't seen the shit some people suck off the net :)

Let's be clear here: I'm all for blocking port 80 flat out and requiring a proxy to be used. In that scenario illegitimate programs fail nicely :}. I'm also very pro network IDS's combined with firewall rules to dynamically drop, block or interrupt sessions. None of the above lead to the damaged semantics of hijacking, and they allow all the monitoring and blocking you could want.

Rob
--
GPG key available at: <http://www.robertcollins.net/keys.txt>.

-- SLUG - Sydney Linux User's Group Mailing List - http://slug.org.au/ Subscription info and FAQs: http://slug.org.au/faq/mailinglists.html
