On Jun 25, 2008, at 2:49 AM, Matus UHLAR - fantomas wrote:
slovakia ended on machine at german machine. I know that something
can be
broken at this level. I just think that SA should not take care about
this...
Hm. Not sure I agree. I'm not asking SA to prevent it from
happening. I just don't want SA to believe it either ;-)
what you want requires big change in SA code that would probably
cause new
versions incompatible with newer versions of SA. I don't think
anyone here
want to go this way, instead of securing the network. I mean, if we
can't
trust local network, why should we trust anything external like DNS,
blacklists etc?
DNS blacklists are remarkably easy to forge DNS responses to, but the
effort of doing so is still greater than the value. That's not saying
we haven't seen this approach (we have -- still have sniffer dumps of
it) etc and such forth. DoS attacks against the DSBL hosts are
actually more effective in slowing down SA worldwide than anything
else at the moment ;-)
Anyway, the short version is that we don't trust it all that much. SA
learns to work without trusting it all that much. Mostly works pretty
well that way ;-) This is why I want to avoid explicitly telling SA to
trust something it shouldn't if I can.
--
Jo Rhett
Net Consonance : consonant endings by net philanthropy, open source
and other randomness