I'd have to agree with that position. If the system is not available,
its services have been denied. Whether that's through packet buffer
exhaustion (node issue), circuit saturation (path to node issue), or
sending RSTs using impersonated sequence numbers (protocol on node
issue), a DoS is a DoS is a DoS.

Not to rile Mr. mjr anymore than he already has (tiger, balls, kicking,
oh my!) I think a lot of what a firewall was originally "in place"/used
for was to obscure or prevent the exploitation of inherently insecure
systems from the "nefarious public".

Granted, and I'm with mjr on this one, by putting a screen door in front
of what you're trying to protect from the physical impact of raindrops
is still going to get wet in the end so what's the point other than

Which I hope is a humorous analogy to close this dead horse of a thread.


-----Original Message-----
[] On Behalf Of
Paul D. Robertson
Sent: Friday, November 30, 2007 7:51 AM
To:; Firewall Wizards Security Mailing List
Subject: Re: [fw-wiz] Firewalls that generate new packets..

On Fri, 30 Nov 2007, Darren Reed wrote:

> I definately don't classify (2) as a DOS problem. An


System crashes, availability is 0, how is that not a DoS? If we're
to use a standard vocabulary (and I think we must) then we can't
individually pick what the words mean.

Paul D. Robertson "My statements in this message are personal
opinions which may have no basis whatsoever in fact."

firewall-wizards mailing list

This message is intended only for the person(s) to which it is addressed
and may contain privileged, confidential and/or insider information.
If you have received this communication in error, please notify us
immediately by replying to the message and deleting it from your computer.
Any disclosure, copying, distribution, or the taking of any action concerning
the contents of this message and any attachment(s) by anyone other
than the named recipient(s) is strictly prohibited.

firewall-wizards mailing list