I did a dumb thing today.
I decided to be nice to someone who didn't deserve it and correct his
mistakes offline so that he wouldn't have to look like a dumbass in public.
In return, I got an earful of profanity. Honestly, I should have known
better.
I've watched Terranson participate on this list long enough to know that
he's not merely rude and obnoxious, he's mean. Bottom line, when you're
dealing with someone who isn't a particularly good person; there's no point
in trying to treat them like a human being. Like the man said; it wastes
your time and annoys the pig.
I get it. This is a place where he gets to feel like a big man. A tough
guy. Fine. Whatever floats his boat.
HOWEVER, that's no excuse for:
a) Acting like a JackAss. (Is that what the J.A. stands for?)
b) PUTTING OUT BAD INFORMATION.
For the record, Kid... (Act like a child, you'll get treated like one.)
1) An Autonomous System is a network or group of networks under the control
of a single administrator and/or administrative policy.
2) A "Multihomed" network is one which has more than one WAN connection to
one or more service providers.
3) The one has nothing to do with the other. ALL Autonomous systems are NOT
multihomed. In fact, the vast majority are not. If you actually understood
what an autonomous system was, you'd know that. But then, you wouldn't have
put your foot in your mouth.
4) Access Control Lists ARE traffic shaping devices. A device is a
contrivance, invention or technique serving a particular purpose. In this
case, the purpose being served is the movement of packets. The packets may
be moved to another port or they may be moved to "the trash". The ACL tells
the machine to examine the packet based on certain defined criteria that
the administrator chooses and make decisions about the movement of the
packet based on that criteria. This may serve a security purpose or it may
not.
5) Access Control Lists are constructed in a particular manner; complex to
simple. Specific to general. They don't HAVE to be written that way, but
they should be and there is a damned good reason for it. Once a packet
matches a particular line, the packet is moved. It may go to another port
or it may get dropped; but the point is that it doesn't stick around for a
second analysis. If you put a deny statement about a particular subnet
ABOVE a permit statement for a particular host FROM that subnet, it's too
late. The packet from that host has already been dumped. But hey, if you
don't mind having a buggy network because you insist on doing things YOUR
way, go ahead and write your ACL's any way you want. Not my problem.
As has already been pointed out, this is a subject better addressed in a
textbook. Whether you want to learn Cisco ACLs, iptables or whatever; you
need some in depth subject matter. This is a complex subject and one in
which you CLEARLY need remedial study.
One last thing, Kid...
You said that you could suggest some books for me?
If those are the same books that you got YOUR monumentally incorrect
information out of, no thanks.
I actually know something about this subject, and I'd like to keep it that
way.
You may now feel free to have the last word. I'd know that sort of thing is
important to someone like you.
--------------------------------------------------------------------
mail2web - Check your email from the web at
http://mail2web.com/ .
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
