On Wed, 2002-04-17 at 20:59, Daniel Pittman wrote: > On 17 Apr 2002, Jeff Norman wrote: > > One more thought to add before this thread dies: > > It's a pretty good thought, actually, so thanks for bringing it up. > ... > > If the OP had asked about doing this for privacy, not security, I > probably would have ignored the discussion -- at least, until someone > did claim it provided security. > > What you do for privacy is up to you. I don't bother with that much of > it, but I know how easy it is to track down information anyway. You may > and, if so, good luck to you. > > In the end, though, privacy comes down to your own level of paranoia and > a firewall isn't really relevant to it, most of the time. > > > Security, on the other hand, is very relevant to people and it's one of > the hardest areas to understand, work with and get right. It's also got > a very high cost in both security and privacy if you get it wrong. > > So, when someone suggests something that may provide privacy as being > something that provides security, I tend to jump on it. If they mistake > the two then they will end up with neither. :) >
I agree with the jist of that... Apologies if my post came off a bit lofty - I sometimes do that. ;) The point I was trying to bring up was that in a discussion about firewalls, we needn't be only concerned with how firewalls provide security, but we can also discuss other aspects of firewall administration. The OP didn't actually mention the reasoning behind his wanting to turn off TCP timestamps, and since most of the conversation was centered around the "security" of the issue, I just thought I'd interject with another view. Don't get me wrong, though, I think that your response was relevant, and I probably would have made the same point (as well as montioning the privacy aspect), since it wasn't clear what the intended benefit was. Jeff -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
