[PROXYPER] Re: [RC5-PROXYPER] Basic setup for LAN with a...
j-zbiciak1 at ti.com
Wed Sep 9 10:31:09 EDT 1998
'Henry Miller' said previously:
| WARNING! The following messages suggests a technical move that is not in
| the best interest of everyone.
Pardon me while I scratch my head... HUH?
The message thread attached described
-- Setting up a personal proxy on a private segment of network
-- Setting it up with a hard-coded IP for the main keyserver
-- Setting your clients to see the personal proxy manually, since
they default to sending them to us.v27.distributed net.
Yes, DNS cache poisoning and spoofing might subvert a handful of clients
out there into talking to someone's perproxy instead of a main keyserver,
but I really don't think that's much of a problem. Besides, perproxies
announce themselves as perproxies (see the "[pp]" in the log files).
By hardcoding IPs, DNS is bypassed entirely, which is a different issue
-- the load balancing between the main key servers that's usually
accomplished by round-robin DNS no longer works.
| If you do not understand the implications
| of it, don't try it. In particular anyone using this system must be sure
| that they will not send incorrect data to the internet.
What *are* the implications you're referring to? What specific action
are you objecting to?
The most controversial bit in the whole mess is hardcoding IP's in the
perproxy because it doesn't seem to be able to do DNS reliably.
+------ Joseph Zbiciak -----+
| - - j-zbiciak1 at ti.com - - | "Can I ask you a really stupid question?"
|-Texas Instruments, Dallas-|
| - #include <disclaim.h> - | "Yes, and history will bear me out on that."
To unsubscribe, send 'unsubscribe proxyper' to majordomo at lists.distributed.net
More information about the proxyper