Henning Westerholt wrote:
On Donnerstag, 24. Mai 2007, you wrote:
To warm-up an old discussion about this feature:
i think this should be really disabled by default, because of user
confusion and possible security issues.
I agree it confuses a bit (maybe because of the lack of docs), but other
other hand it is useful as it spears a lot of resources without any deep
knowledge from the user. Anyhow, what security issues do you see here?
Haven't look deeper into the code, but if somebody spoof some 503 packets to
the server (easy with UDP), then he could easily disable all outbound
destinations.
Well...I think this not something specific to blacklists, but to all
features/functionalities (like faking byes/replies to close or prevent
dialogs, etc ) :)
Regards,
Bogdan
_______________________________________________
Users mailing list
[email protected]
http://openser.org/cgi-bin/mailman/listinfo/users
