From owner-freebsd-current Thu Feb 29 12:51:25 1996 Return-Path: owner-current Received: (from root@localhost) by freefall.freebsd.org (8.7.3/8.7.3) id MAA06972 for current-outgoing; Thu, 29 Feb 1996 12:51:25 -0800 (PST) Received: from brasil.moneng.mei.com (brasil.moneng.mei.com [151.186.109.160]) by freefall.freebsd.org (8.7.3/8.7.3) with ESMTP id MAA06967 Thu, 29 Feb 1996 12:51:22 -0800 (PST) Received: (from jgreco@localhost) by brasil.moneng.mei.com (8.7.Beta.1/8.7.Beta.1) id OAA06496; Thu, 29 Feb 1996 14:50:08 -0600 From: Joe Greco Message-Id: <199602292050.OAA06496@brasil.moneng.mei.com> Subject: Re: IPFW (was: Re: -stable hangs at boot) To: pst@shockwave.com (Paul Traina) Date: Thu, 29 Feb 1996 14:50:07 -0600 (CST) Cc: jgreco@brasil.moneng.mei.com, phk@critter.tfs.com, stable@freebsd.org, current@freebsd.org In-Reply-To: <199602292038.MAA00408@precipice.shockwave.com> from "Paul Traina" at Feb 29, 96 12:38:13 pm X-Mailer: ELM [version 2.4 PL24] Content-Type: text Sender: owner-current@freebsd.org Precedence: bulk > Obligatory comment: > > 1597 space should *NEVER* be considered "more secure." > > The only difference between 1597 space and non-1597 space is that 1597 space > is not guaranteed to be unique across the internet. > > I can still get my packets through to (and often received from) a 1597 based > machine. Of course that is true. However, it IS inherently more difficult for you to get a packet routed to a 1597 network that is local, here, because there aren't any routes to help you, and in my opinion that does count as being "more secure". I am BY NO MEANS advocating the use of 1597 networks instead of firewalls and other traditional security tools. Paranoia and politics simply suggests that a 1597 network is yet another tool that helps keep trouble away. ... Joe ------------------------------------------------------------------------------- Joe Greco - Systems Administrator jgreco@ns.sol.net Solaria Public Access UNIX - Milwaukee, WI 414/546-7968