On Wed, 13 Aug 2003, Mans Nilsson wrote: > Subject: Re: Port blocking last resort in fight against virus Date: Wed, Aug 13, > 2003 at 09:57:56AM +0100 Quoting Stephen J. Wilcox ([EMAIL PROTECTED]): > > > Sorry I see where you're coming from on this but firewalls are more than just > > patches to broken OS's. > > > > In your world DoS traffic would be free to roam the networks as it pleased > > without being throttled sensibly at ingress? > > Providing one makes people responsible for what their boxes (not > aggregates of networks) cause, and enforces this, there will be no > DoS traffic; given a perfect world.
What if the people running the boxes are irresponsible, perhaps even harboring malicious intent > Even in an imperfect world, the solution lies in the edge, not even > the CPE, but the end node, if you want to do more than pathetic > bandaiding of the inherent problem of insecure applications on end > nodes. I dont have control of all end nodes but I do control my edge. Steve