[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: German prosecutors redouble attack on Net, subversive leftists

> numbers, and alias the lot on their web site - this would increase the
> number of blocked addresses needed.  It might also be a good idea to run
> some proxies on unusual ports (eg. smtp, DNS, pop, ftp ports) (although
> of course this will then need to be a dedicated proxy machine) - again
> this would increase the size of the blacklist that the Germans must use,

	Of course if they're simply denying all traffic to a given
network, a different port isn't going to make any difference. :)

> and may involve some awkward router programming (for example, a router
> might be configured to allow all DNS traffic - if a proxy is sitting on
> the DNS port, then things get a bit difficult to set up).  Of course,
> netscape probably won't allow use of these ports (it certainly doesn't
> allow the use of port 79).

	I think the restriction on port 79 (the finger daemon port)
was because there still are a lot of fingerd's with buffer overrun
holes and it was just too easy to use netscape to exploit them.  Jeff
or another of the people from NS probably can give the full explanation.

Fletch                                                     __`'/|
[email protected]  "Lisa, in this house we obey the       \ o.O'    ______
404 713-0414(w)      Laws of Thermodynamics!" H. Simpson   =(___)= -| Ack. |
404 315-7264(h) PGP Print: 8D8736A8FC59B2E6 8E675B341E378E43  U      ------