[LINK] Streaming TV Tests

Saliya Wimalaratne saliya at hinet.net.au
Fri Mar 30 15:03:21 AEST 2007


On Fri, Mar 30, 2007 at 01:23:34PM +1000, Craig Sanders wrote:
> On Fri, Mar 30, 2007 at 09:41:22AM +1000, Howard Lowndes wrote:
> > Craig Sanders wrote:
> > >many protocols and services are udp - including DNS lookups. only an
> > >idiot would block all UDP packets.
> >
> > Same way that only an idiot would block ICMP, but it happens...
> 
> it would be noticed a lot quicker because they'd be blocking dns, so nothing
> would work.
> 
> blocking ICMP is just as broken, but not as *obviously* broken.

Hey,

I'm sure that everyone knows this; but in today's day and age protocol/port
blocks/drops are a reality and are in many cases a Good Thing. 

Blanket blocking of any protocol can be viewed as a little silly; 
but saying 'blocking ICMP is broken' just ain't so. Not too many 
people need ICMP type 13, for example. 

Blocking things-that-need-to-be-allowed is broken. 
Allowing things-that-need-to-be-blocked is broken. 

Regards,

Saliya

> craig
> 
> -- 
> craig sanders <cas at taz.net.au>
> 
> "The intelligent beings in these regions should therefore not be surprised
>  if they observe that their locality in the universe satisfies the conditions
>  that are necessary for their existence. It is a bit like a rich person
>  living in a wealthy neighborhood not seeing any poverty."
>                           [Stephen Hawking]
> _______________________________________________
> Link mailing list
> Link at mailman.anu.edu.au
> http://mailman.anu.edu.au/mailman/listinfo/link
> 



More information about the Link mailing list