iptables: drop or reject?
John Summerfield
debian at herakles.homelinux.org
Sun Oct 28 10:32:46 UTC 2007
Tim wrote:
> On Sun, 2007-10-28 at 17:27 +0900, John Summerfield wrote:
>> Anyone who thinks identd provides any security at all wrt computers
>> they don't control is ignorant or stupid.
>>
>> It's trivial to find (or even, at a pinch write/modify one) a fake
>> identd that will say anything one chooses; anyone implementing
>> security assuming otherwise is trusting the untrustworthy.
>
> Too true, but unfortunately that doesn't stop some ISPs from leaving
> their mail servers configured to check for it. Nor does it stop many
Sendmail used to do that. I don't normally use sendmail these days, so
couldn't say whether it's changed. It'd be pretty simple for the pfy to
overlook it.
--
Cheers
John
-- spambait
1aaaaaaa at coco.merseine.nu Z1aaaaaaa at coco.merseine.nu
-- Advice
http://webfoot.com/advice/email.top.php
http://www.catb.org/~esr/faqs/smart-questions.html
http://support.microsoft.com/kb/555375
Please do not reply off-list
More information about the users
mailing list