> ut do we really have to make it easier
> to get in?
I'll ignore the rest; how does this make it easier to get in? It just
makes it easier to identify bad administrators (who don't update their
servers). I've already mentioned that its not much easier to scan HTTP
HEAD responses than to simply do a random IIS intrusion attempt against
an entire class B network (for example) with the bandwidth available
these days and with DDoS clients on peoples' machines. Again; your
deterrant is useless if everyone does it.
> There have been numerous DOS attacks, and if a major router
> goes down it takes ages to rearrange routing back where it was beforehand.
BGP4 handles this very well, actually. There just aren't enough routers
now that the Internet is privately operated (not enough inter-router
cooperation between large ISPs like UUNet and Sprint, for example).
______________________________________________________________________
Apache Interface to OpenSSL (mod_ssl) www.modssl.org
User Support Mailing List [EMAIL PROTECTED]
Automated List Manager [EMAIL PROTECTED]
