[prev in list] [next in list] [prev in thread] [next in thread]
List: linux-elitists
Subject: Re: [linux-elitists] MS SQL WORM IS DESTROYING INTERNET BLOCK PORT 1434!
From: Nick Moffitt <nick () zork ! net>
Date: 2003-01-31 21:28:45
[Download RAW message or body]
begin Andrew quotation:
> There's security, and then there's realistic security. A
> reasonably-paranoid NAT and stateful firewall would have also
> stopped this. Proxies work great so long as everyone plays nice.
> Unfortunately not all applications we run play nice, and the ones
> writing the cheques don't particularly care that fooWare 2000
> doesn't play well with proxies, they just want the software they
> were sold to work.
Sometimes they play too nicely. Brian Behlendorf once told a
story about MSIE re: HTTP 1.1. He said that they just plain didn't
work with apache's 1.1 stuff.
Some reps said "but we *tested* it against apache! We forced
HTTP 1.1 in the client code and tested *apache.org* for krissakes!".
"Well, it doesn't load apache.org NOW!"
"Wait, it works just fine for us."
Turns out their proxy was accepting their MS version of
HTTP1.1 and then speaking HTTP1.0 to the outside world. Their tests
were all bogus from the get-go.
_______________________________________________
linux-elitists
http://zgp.org/mailman/listinfo/linux-elitists
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic