On Fri, 1 Jun 2007, Andrew Sullivan wrote:
> Hello Dean,
>
> On Fri, Jun 01, 2007 at 12:07:48AM -0400, Dean Anderson wrote:
> > On Thu, 31 May 2007, Andrew Sullivan wrote:
> > >
> > > The popular TCP Wrapper package was originally conceived to discover
> > > the network location of an attacker [Venema1992].
> >
> > No. Early TCP wrappers just provided logs of activity, and then later to
> > provide access control.
>
> You may have overlooked the sentence in the paper that says, "I
> decided, however, that it would be more productive to maintain the
> service and to find out where the finger requests were coming from."
No; I looked further into the context of that statement, and I cited
that context to you in my previous message: The purpose of the TCP
Wrappers tool was to provide _logs_ for programs which didn't produce
logs and for which source code wasn't available. I showed you the logs
produced by the tool which were given as examples in the paper.
My draft also points out the flaw of using Reverse DNS for logging, and
so the 1992 TCP-wrappers' tool is discredited in that regard. This is a
major difference between our drafts: Your draft presents discredited
practices as credulous, while I provide the full context, including the
fact that these practices were discredited.
> What you regard as a myth others regard as a useful clue.
A "myth" is something which isn't true. False claims can certainly be
useful clues, but only to identify those other dependent ideas that also
aren't true.
But I think the history of the Venema paper is probably important, and
I'm going to add it to my draft, as well. Thanks for the suggestion.
That was a very good item.
--Dean
--
Av8 Internet Prepared to pay a premium for better service?
www.av8.net faster, more reliable, better service
617 344 9000
_______________________________________________
DNSOP mailing list
DNSOP@ietf.org
https://www1.ietf.org/mailman/listinfo/dnsop
