OS fingerprinting and traffic shaping with iptables? - Networking

This is a discussion on OS fingerprinting and traffic shaping with iptables? - Networking ; "Mark Crispin" wrote in message news:alpine.OSX.0.83.0703241136020.19514@pangtzu.p anda.com... : On Fri, 23 Mar 2007, Vernon Schryver wrote: : > In article , : > MikE ?ampbell wrote: : >> Use port 110, its free (as in you paid for it). : ...

+ Reply to Thread
Page 2 of 2 FirstFirst 1 2
Results 21 to 23 of 23

Thread: OS fingerprinting and traffic shaping with iptables?

  1. Re: OS fingerprinting and traffic shaping with iptables?


    "Mark Crispin" wrote in message
    news:alpine.OSX.0.83.0703241136020.19514@pangtzu.p anda.com...
    : On Fri, 23 Mar 2007, Vernon Schryver wrote:
    : > In article ,
    : > MikE ?ampbell wrote:
    : >> Use port 110, its free (as in you paid for it).
    : > Telling someone to "Use port 110, its free (as in you paid for it)"
    : > is like advising someone to "Tell the bus driver to take you home."
    : > It can be good advice, unless it is being given to the bus driver
    : > instead of a passenger, in which case it suggests confusion or
    : > limited familiarity with the subject matter.
    :
    : True; and it's even sillier to give that advice to someone who is in the
    : manufactures buses. [I wrote one of the more widely-used port 110
    : servers.]
    :
    : In any case, port 110 (POP3) is not a substitute for port 25 (SMTP); the
    : mail sending capabilities in some POP3 servers is an unofficial hack,
    : based upon the presumption that authorization to read mail is equivalent
    : to authorization to send mail. The substitute is port 587 (SUBMISSION),
    : which requires authentication.
    :
    : > Real Internet service generally does not include POP service, except
    : > when a consumer account is included at no extra cost. Real Internet
    : > service is raw, unfiltered IP bandwidth and little if anything more.
    :
    : Complete agreement!
    :
    Well when you two have shut down anyone sending email via port 25, what port
    will we be able to send it from? I ask purley from an laymans prospective.
    You couldn't make this stuff up from the pair of you. Mark has kindly
    written our incoming mail servers programme for us but doesn't want us to be
    able to send any, Vernon thinks its unethical to shape or slow traffic based
    on IP or OS but ithat its fine to shape it based on what you pay for, we all
    pay anyway. I hope you two don't work for any major ISP's, let me
    guess.......AOL? !!!



  2. Re: OS fingerprinting and traffic shaping with iptables?


    "Vernon Schryver" wrote in message
    news:eu3r2d$kgo$1@calcite.rhyolite.com...
    : In article <46054bf7$0$22541$8404b019@news.wineasy.se>,
    : David Brown wrote:
    :
    : >> If I were to try to filter spam by identifying the SMTP client, I would
    : >> not just delay mail from Microsoft systems, but reject it if it were
    : >> an unfamiliar (i.e. not locally whitelist) system. As I said earilier,
    : >> I would try to "fingerprint" the SMTP client's operating system only
    : >> if I could not use Spamhaus's PBL, because to a first approximation,
    : >> the PBL is a list of unsanctioned Microsoft SMTP clients.
    : >
    : >I still don't think that treating every windows system as a spam source
    : >is reasonable, even if you are unable to use a more accurate blacklist
    : >such as Spamhaus. While most addresses on that list belong to windows
    : >machines, many windows mail servers are not spam sources - spam checking
    : >should always err on the side of letting through spam rather than
    : >blocking legitimate mail.
    :
    : As they say "Your network, your rules."
    :
    Right, so whats the deal with you wanting to deny people to use port 25 for
    SMPT unless they use a 'real internet service', different rules now hey?

    : Perhaps I should mention that I use neither the PBL nor O/S
    fingerprinting.
    : But then perhaps I should say that I don't use the PBL because it
    : includes legitimate DNS servers such as Comcasts and that I like to
    : check MX, NS, and A RRs seen in SMTP envelopes and bodies.
    :

    No you shouldn't mention it, it has nothing to do with shaping SMPT traffic
    based on OS.

    : People whose livelihoods depend in part on receiving mail tend to
    : prefer false negatives to false positives. People for whom email
    : is recreation often prefer not receiving any spam. Many of them
    : would be best served by a pure whitelisting system, where they can
    : receive email by pre-arrangement. People for whom mail and the
    : Internet in general doesn't involve their income tend to buy consumer
    : grade intead of real Internet service.
    :

    You might want to inform about 99% of Ebay users of that fact.

    : It has belatedly occurred to me to point out the official IETF
    : standard definition of real Internet service in RFC 4084. Never mind
    : that for political reasons it uses "Full Internet Connectivity." See
    : http://www.ietf.org/rfc/rfc4084.txt
    :
    :
    You must work for my ISP (Orange), they are about the most clueless ISP
    there is.



  3. Re: OS fingerprinting and traffic shaping with iptables?

    In news:eu4rrc.2s0.2@mikes.news.private,
    MikE Šampbell wrote:

    > Well when you two have shut down anyone sending email via port 25,
    > what port will we be able to send it from? I ask purley from an
    > laymans prospective.


    Obviously a "layman", since you don't understand the ports involved in
    sending or receiving email. You're still still very ignorantly opinionated,
    however.

    > Mark has kindly written our incoming mail servers programme for
    > us ...


    Yes indeed, very ignorant you are, not knowing the difference between
    POP/IMAP and SMTP.


+ Reply to Thread
Page 2 of 2 FirstFirst 1 2