Re: March 29, 2006 total eclipse - IT admin's WORST NIGHTMARE

• Previous message: Charles Newman: "Re: March 29, 2006 total eclipse - IT admin's WORST NIGHTMARE"
• In reply to:(deleted message) Leythos: "Re: March 29, 2006 total eclipse - IT admin's WORST NIGHTMARE"
• Next in thread: Somebody.: "Re: March 29, 2006 total eclipse - IT admin's WORST NIGHTMARE"
• Reply: Somebody.: "Re: March 29, 2006 total eclipse - IT admin's WORST NIGHTMARE"
• Reply: Moe Trin: "Re: March 29, 2006 total eclipse - IT admin's WORST NIGHTMARE"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Date: Sat, 29 Oct 2005 03:12:42 -0230

"Leythos" <void@nowhere.lan> wrote in message
news:o3C8f.73308$Hs.28044@tornado.ohiordc.rr.com...
> In article <ccydnSSUvdooUP_eRVn-rg@comcast.com>, charlesnewman1
> @comcast.spam-me-not.net says...
>>
>> "Moe Trin" <ibuprofin@painkiller.example.tld> wrote in message
>> news:slrndlft96.hqq.ibuprofin@compton.phx.az.us...
>> > In the Usenet newsgroup comp.security.firewalls, in article
>> > <h-WdnQ11oZ45-MveRVnyiw@pipex.net>, Mike wrote:
>> >
>> >>One question. If this broadcast system is supposed to bring the
>> >>networks
>> >>to a grinding halt, how is anyone supposed to watch the event your
>> >>broadcasting? Seems to defeat the object of the exercise to me.
>> >
>> > You really don't expect a troll to notice all the little details, do
>> > you?
>>
>> There might be more tests going on. I caught a video
>> feed of Skate America that was pure genius. It kept
>> changing port numbers and addresses like crazy.
>> Based on what this guy kept talking about in the past,
>> it could be them. It if is, the only way to stop it is
>> to block everything from ports 1000 through 9000.
>
> Wrong, any real firewall will block it.

Well, the constantly changing ports and addresses, port
blocking is the only feasable way to stop it. With the
real-time monitoring in Tiny Personal Fireall (sorry, but
your hardware firewalls have not learned this yet), I
watched as addresses and ports changed like crazy,
that would make anything other than port blocking to
be useless. These guys know what they are doing
with computers, and port blocking is the only fesable
way to stop them.

This is where Tiny has the advantage over a hardware
appliance. Firewall rules can be given precedence. I
can tell Tiny to block everything from port 1000 to
9000, but if there is something else I want to allow
in that range, I can create rule with a higher precdence
to allow that specific service, while blocking everything
else in the port range. Hardware appliances dont have
precedence for rules like Tiny Personal Firewall does.
Score another one for software firewalls.

• Previous message: Charles Newman: "Re: March 29, 2006 total eclipse - IT admin's WORST NIGHTMARE"
• In reply to:(deleted message) Leythos: "Re: March 29, 2006 total eclipse - IT admin's WORST NIGHTMARE"
• Next in thread: Somebody.: "Re: March 29, 2006 total eclipse - IT admin's WORST NIGHTMARE"
• Reply: Somebody.: "Re: March 29, 2006 total eclipse - IT admin's WORST NIGHTMARE"
• Reply: Moe Trin: "Re: March 29, 2006 total eclipse - IT admin's WORST NIGHTMARE"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]